Report - bugaia.net/

Report Overview

Submitted URL
bugaia.net/
IP
68.65.122.94
ASN
#22612 NAMECHEAP-NET
Submitted
2022-12-06 04:14:42
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
342

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bugaia.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	54 kB	939 kB	68.65.122.94
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.74.230
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	95.101.11.115
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	18 kB	151.101.65.229
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	88 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	2.0 kB	172.217.21.168
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	794 B	69 kB	104.18.11.207
embed.tawk.to	8650	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	3.4 kB	104.22.24.131
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	7.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	bugaia.net/	Malware
2022-12-06	medium	bugaia.net/uploads/stander/158713492852480.png.webp	Malware
2022-12-06	medium	bugaia.net/	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158967080612293.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158967065682015.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158967013253102.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158967043380709.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158966926685223.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158966973110459.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158966903169880.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158966770775768.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158966805523267.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/Services/158966433165945.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/projectType/158974791852781.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/projectType/158974783660719.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/projectType/158974761834881.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/shape1.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/projectType/158974774544159.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/shape2.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/shape4.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/stander/158713492837386.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/shape3.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/icon1.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/icon2.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/icon4.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/wrk1.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/shape5.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/icon3.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/user.jpg.webp	Malware
2022-12-06	medium	bugaia.net/uploads/client/159080333517670.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/client/160008936383142.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/client/159080339152875.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/client/159080345421906.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/js/bugaia.js	Malware
2022-12-06	medium	bugaia.net/uploads/client/160008931775531.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/js/main.js	Malware
2022-12-06	medium	bugaia.net/uploads/stander/158713492871545.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/project/160009065495381.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/blogs/158975598286182.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/blogs/158975212448488.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/blogs/158975454857803.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/client/159080329590334.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/client/159080354649987.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/client/159080342639278.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/prj0.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/project/160009056766991.png.webp	Malware
2022-12-06	medium	bugaia.net/uploads/project/160009059712052.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/images/footer.svg	Malware
2022-12-06	medium	bugaia.net/assets/images/mountain_header.svg	Malware
2022-12-06	medium	bugaia.net/assets/images/border.svg	Malware
2022-12-06	medium	bugaia.net/uploads/project/160009063425370.png.webp	Malware
2022-12-06	medium	bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-REGULAR.TTF	Malware
2022-12-06	medium	bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-BOLD.TTF	Malware
2022-12-06	medium	bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-EXTRABOLD.TTF	Malware
2022-12-06	medium	bugaia.net/assets/images/fav.png.webp	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed
2022-12-06	medium	bugaia.net	Sinkholed

JavaScript (28)

	URL	Size	First Seen	Last Seen
	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-23
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-23 11:05:19 Times Seen54482 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js	44 kB	2023-03-07	2024-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-23 08:12:20 Times Seen19877 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	bugaia.net/assets/js/bugaia.js	2.2 kB	2023-03-08	2023-03-08
Pretty URL bugaia.net/assets/js/bugaia.js IP 68.65.122.94 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:38 Last Seen2023-03-08 20:03:38 Times Seen1 Hash 5865913abca3f83338d827b8d24ae51c 1c777981a812a91bab33b2b5e4109937f2e753b5 1cc8dbf815810fc2fcc81af3738102ab69d3c10663c9820a1ed10933e5ff7434 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js	196 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2024-01-03 04:29:13 Times Seen4 Hash bde99510bdf9ab7bbc9ce82519a19a36 c0d4758cbef7cb74c32021e2f6c6271ae995c919 654d5153e9271fb0cf77a967a37cb4e615a1f911a9957f747f395d824d0cca44 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js	16 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:39:42 Times Seen1 Hash 12f6c0f6e6cec2a03629fbce091e2072 f900879b5df1ad4add9e9312ade124a70a14607c 663028e7a6e8b469483d28f1b38a593e73623ae4e95eebdef03eecc014da0316 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js	74 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:40:33 Times Seen1 Hash af764270cff49e4f88710a5824f1af0a 5101715aafd662b8ef1bae9a588ba7e8650c2b5e 8ea95ad5c8b1c5de01a4a647ba43f1d82e0e94337b17995abaa29a6dc7d5bffc Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js	17 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:40:33 Times Seen1 Hash a4ee0f7f38343d301e91591fc360d3fa 0748ec2421e5495f8cd80c749a827065c4b43eb1 83bf5bc596982a4f75467e476f78e856ac970915731fb11c7115f5feaac5027b Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	bugaia.net/	76 B	2023-03-08	2023-03-08
Pretty URL bugaia.net/ IP 68.65.122.94 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:38 Last Seen2023-03-08 20:03:38 Times Seen1 Hash 72d0bc169a7b62a1cf549b0eafa6061f f184ffaad450346332f01c53cb217854d7a5ee9d c2fb40af9370971cebfc4b28b5b11c5a849010cbfcbe07df6e9d53cad05eb7ac Loading...

	bugaia.net/	323 B	2023-03-08	2023-03-08
Pretty URL bugaia.net/ IP 68.65.122.94 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:38 Last Seen2023-03-08 20:03:38 Times Seen1 Hash 3038fe2041320dd0e3c70ab7f771a26b 26328f89b8592c19aa8db2f8da02d263cbf5ac75 67441f405c3d1aaedf46d2456e47f27924086f34bfb07eba461d99ca1bd083ca Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js	86 kB	2023-03-07	2024-04-12
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2024-04-12 18:34:35 Times Seen860 Hash 6cbb321051a268424103cd4aea8ffa66 7cb05e3d551cd61439337b2cb22f49b1955f9711 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js	121 B	2023-03-07	2024-04-23
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-23 09:09:34 Times Seen45916 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js	211 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:02:52 Last Seen2024-01-03 04:29:13 Times Seen92 Hash 70dac54eca3bb2143032bc4db3237623 b072b86acccf5e05a52ebfbff58ec2961b200063 299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	cdnjs.cloudflare.com/ajax/libs/parallax/3.1.0/parallax.min.js	17 kB	2023-03-07	2024-04-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/parallax/3.1.0/parallax.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-09 11:49:45 Times Seen537 Hash 6dbee040c8d4fb731bd44936b2efc99a 0a7ac970f67b7fa08738a5be55233e9e741ad267 bf4d20b28de8c7f77428b24325ec3afb39b6f7e277f6b61666f3a0a17cc3b42b Loading...

	bugaia.net/	316 B	2023-03-08	2023-03-08
Pretty URL bugaia.net/ IP 68.65.122.94 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:38 Last Seen2023-03-08 20:03:38 Times Seen1 Hash aeb22996059e506e6dee68a49d45d8eb 584380e5973f422e6639c829111c2f9becd585a8 487d44ca6629d59916d0408f690556aa8d92f38112fa9cc454214b29ad436dac Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js	151 B	2023-03-07	2024-04-23
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-23 09:09:34 Times Seen46597 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	cdn.jsdelivr.net/npm/sweetalert2@9	68 kB	2023-03-08	2024-04-21
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@9 IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:28:13 Last Seen2024-04-21 18:29:06 Times Seen653 Hash 0c0de18caa00c8ea26099fb8cd50b05a b81e4affd6f879f32d6027e404cf477257663c39 1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js	68 kB	2023-03-07	2024-04-22
Pretty URL cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-22 22:48:51 Times Seen7098 Hash 49a6b4d019a934bcf83f0c397eba82d8 6181412e73966696d08e1e5b1243a572d0f22ba6 cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.12/js/bootstrap-select.min.js	52 kB	2023-03-07	2024-02-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.12/js/bootstrap-select.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:43 Last Seen2024-02-27 23:28:37 Times Seen97 Hash 69c3d7926d5af92d72665aeb1136fc40 05a68c485f036257ff60bf9770e59f0e4cf68bd9 fa8fd7f9009c7d39044b932ba1374d2f9ceb2cd19bde2e1d61d58f5aeabac216 Loading...

	bugaia.net/	64 B	2023-03-08	2023-03-08
Pretty URL bugaia.net/ IP 68.65.122.94 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:38 Last Seen2023-03-08 20:03:38 Times Seen1 Hash f9633c2a24bc54be6f67e58a2547884b f4da3d15f2bf0d1110f62ab847fc693aa8314c8b 5ac3a0792a1042865e18a3b6d8d6ef22ee3d4d30f53ee04558a8d17b740cdd45 Loading...

	embed.tawk.to/5ae10d755f7cdf4f05339e3f/default	2.1 kB	2023-03-08	2023-03-08
Pretty URL embed.tawk.to/5ae10d755f7cdf4f05339e3f/default IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:38 Last Seen2023-03-08 20:03:38 Times Seen1 Hash 9eed9a75131df5ffa036114f0cfc2ce0 40e24eef58878c58ab7ac1af62dfb3b11ac4613e d2b5634ebddd04403c635f0161afd28f72e99ee300954dc18cbf16ad4cac2f74 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js	2.3 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2024-01-03 04:29:13 Times Seen3 Hash 9075c2f5460b2832318d3c7217cc68cb b8742c9ec6d976051538e69ae8a92e354b62638b 6d510d7d2266769c4b312b4db0fc12e180db9c5ef2d75926c5b8f23543788aba Loading...

	bugaia.net/assets/js/main.js	4.7 kB	2023-03-08	2023-03-08
Pretty URL bugaia.net/assets/js/main.js IP 68.65.122.94 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:38 Last Seen2023-03-08 20:03:38 Times Seen1 Hash bd6f126b36901b262852897b24bfc1c8 0c709024f887c9bebb8a012d5b74c14b1433f482 c67f372c0eee0437f18c16f359e474e5d23bd8f3f9d0fd6994e3f5d19d6b99b1 Loading...

HTTP Transactions (109)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7610
Expires: Tue, 06 Dec 2022 06:21:20 GMT
Date: Tue, 06 Dec 2022 04:14:30 GMT
Connection: keep-alive

bugaia.net/

68.65.122.94

301 Moved Permanently

707 B

URL HTTP/1.1
bugaia.net/
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 06 Dec 2022 04:14:29 GMT
server: LiteSpeed
location: https://bugaia.net/
x-turbo-charged-by: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3191
Cache-Control: max-age=112200
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:30 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:24:30 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 03:20:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3249
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19627
Expires: Tue, 06 Dec 2022 09:41:37 GMT
Date: Tue, 06 Dec 2022 04:14:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Cko+3nCTn340udcJMGS32EtZ9ZIBppvscV6imv5qFMLwnDHElfqWd/aTS+oJRBDSjelYseznhRM=
x-amz-request-id: K07QER9EB9SBE4NT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 03:48:46 GMT
age: 1544
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:14:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 04:11:20 GMT
cache-control: public,max-age=3600
age: 190
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
fd03dd0bee409505cf715db73262603c
551564be8c1ea89f2f860670d3b43baae9687b11
4c886d6c325d2322f664186d19195f51ead826be0417837c1909dc6907cfad09

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 04:14:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:26:54 GMT
Expires: Sun, 11 Dec 2022 12:26:53 GMT
Etag: "551564be8c1ea89f2f860670d3b43baae9687b11"
Cache-Control: max-age=460942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775231f149390b69-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3145
Cache-Control: max-age=107087
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:30 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:59:17 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.74.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.74.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: scAzNZY+PN3+HdWQSAadqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SrxDOnipGouBJWTt0lV2oVuP0hU=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b9e460c077e837add10b7e423b149f6e
cde6854da1c7108d3d6c8184f9a39d2d20ba0c78
874a4babc2bf54d880f94425142d3cce3151d964efd54c8bffec992b064c1be3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2953
Cache-Control: max-age=99358
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638d973c-117"
Expires: Wed, 07 Dec 2022 07:50:29 GMT
Last-Modified: Mon, 05 Dec 2022 07:01:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=150449
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:00 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=150449
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:00 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css

104.17.25.14

200 OK

2.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12795), with no line terminators
Size
2.7 kB (2695 bytes)
Hash
763b8aa8becf095178bc43d55da66e6d
c4a63a7fedd1693c5fa7dd18716ac8f8fd6570ae
1914fb16590956c63b1d05baca1201c6793b70ea52f7c256882d53dad7a199ca

HTTP Headers

GET /ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: text/css; charset=utf-8
content-length: 2695
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-31fb"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1117476
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY99Pfij4MSQfvvFeeqbUBdImcQylZKXikfTjr8Mbp2i0SrOhmrw0Y3PE7udOqqA2PkcdOej2q2jzbnw3sHoNDAiLSWVqRnKcKe2yXxKT3eMNrGvNKgjhzsHa7BpIDbiKNY%2BCUHU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f53e14b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js

104.17.25.14

200 OK

19 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (31972)
Size
19 kB (19249 bytes)
Hash
c8e69fc65287045e4f083a6bcd40b8e0
fa3a37740705510fe08c3b286ea9a81e2e4bb04d
bffefe5f48974eeda69bb6a53127b10ee8244ba7f9dd4a925f2f2c1bde189db0

HTTP Headers

GET /ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 19249
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-10a9d"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2114376
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yD4cg2jvzR34WUPH6HMje5BYu8nUgPiQdA0FemOPMTEogzUKGoAcei3KUpZ7hNmffS1wVKfujhHRdpqw70byfLmBhIPgkGDxLV8jahRK%2FysLl3tZqfOsTtz9du4VxxBh3sa3%2BS%2B6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f53e15b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=150449
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:00 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.12/css/bootstrap-select.min.css

104.17.25.14

200 OK

1.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.12/css/bootstrap-select.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10879), with CRLF line terminators
Size
1.9 kB (1877 bytes)
Hash
fa5a5f83784e8be2fc74e6a7ce9c5ec5
36c98dc25ca4c86522749860baf037a5a9407620
651daf006ddbba40e8f58095cbf404c26a3361ac20115c989448df1ef53e9b35

HTTP Headers

GET /ajax/libs/bootstrap-select/1.13.12/css/bootstrap-select.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: text/css; charset=utf-8
content-length: 1877
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-2b70"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15740077
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3T%2F2pD8KkVwLQjxUokkodXochPaIzA%2BdVcLBHU9GQXvtiPlhRX0dqqecBnK%2BSHyVLcxEE7n6ZFTb1R%2BXFsSIKYg8pLMHolVYvSrPagfKwXqmRzpjxoLb77swpPBdI9VOh%2F7hMbY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f55e1fb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.12/js/bootstrap-select.min.js

104.17.25.14

200 OK

14 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.12/js/bootstrap-select.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (51305), with CRLF line terminators
Size
14 kB (13484 bytes)
Hash
ec0dada007fe525d9e7cb03a950257cc
306ed2e50d7c9104c65a22bb642421d8c1bbc988
2ceee82f2ec6e5f5bd21a443e2c9044caa5fbbef925a0938de93bf0e95022626

HTTP Headers

GET /ajax/libs/bootstrap-select/1.13.12/js/bootstrap-select.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 13484
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-c993"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15763844
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75UHmBpI5Vn%2BQN2d84kdZrwZ2Ny8RbB4SK8yZ9pUfdUq57b04xTm5CecTB0Ll8mVzYOAoZq%2BjZxhwhZbgRfYaAqXR4se%2FtfFx31j1aJ8Wakcg0ucuWFaQA%2B%2BHazGLJaes%2Bd3JvBz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f55e1bb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4934
Cache-Control: max-age=149566
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:47:17 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6051
Cache-Control: max-age=150683
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:05:54 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/parallax/3.1.0/parallax.min.js

104.17.25.14

200 OK

4.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/parallax/3.1.0/parallax.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17272)
Size
4.7 kB (4655 bytes)
Hash
0bb455442d6528ba3d5c5dac37f7107e
7d59cba826ed9b3bc08bcf4c86cbe75b9fc61503
3c05436d103f8b7074c0f148209867bb8848da7f0cbc74be0b900ad0e228d3f3

HTTP Headers

GET /ajax/libs/parallax/3.1.0/parallax.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 4655
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f40-43a2"
last-modified: Mon, 04 May 2020 16:13:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5303101
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rjhxHol3jyzdprBDByEagtv9vRclD7nVofx%2FKbwy%2Fq6zHJF25%2FgzCjCZBwjQ7SDrdtLvF7ppZE83aRdw%2BcLQeS1zbNhP6eyBmL0sngpZ8r3gS%2FNi4rcOqrYnc3U8j3lSvI%2FMKUC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f57e38b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@9

151.101.65.229

200 OK

18 kB

URL HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@9
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (42473)
Size
18 kB (17636 bytes)
Hash
3d2d1d8f88b04245de2e6b5bceb87a51
224c6a193b5ddf089464884243db70694476473c
c45b919f19c21090fa43adba07faf4f6cd3db02f114b98b0dc155a119d554ad4

HTTP Headers

GET /npm/sweetalert2@9 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 9.17.4
x-jsd-version-type: version
etag: W/"1080d-uB5K/9b4efMtYCfkBM9HcldmPDk"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 04:14:31 GMT
age: 20608
x-served-by: cache-fra-eddf8230067-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17636
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css

104.17.25.14

200 OK

845 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3184)
Size
845 B (845 bytes)
Hash
156afaf08dd47df971d3a40926c19974
d3f886560b55ff3c39d628ef16a71ca49cb7ecfb
e4f93dd20cb7feb2c6d408b396e194928381545d24584431ab341ed094fb31fa

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: text/css; charset=utf-8
content-length: 845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-d17"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 542026
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFBRmkDxXg1oYpxtAghbSuVis3GgFyVyREd1ccYOm1NLRoIDldxkMIMSqq9499qg%2Bj%2FY4dnIKJ%2BbmS2UyPBMvp%2BteRaBhz9mkycoDtFwJ0MU3lJFAhF8YFv9Tq4la55YrVehWsMY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f57e3ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b9e460c077e837add10b7e423b149f6e
cde6854da1c7108d3d6c8184f9a39d2d20ba0c78
874a4babc2bf54d880f94425142d3cce3151d964efd54c8bffec992b064c1be3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2953
Cache-Control: max-age=99358
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638d973c-117"
Expires: Wed, 07 Dec 2022 07:50:29 GMT
Last-Modified: Mon, 05 Dec 2022 07:01:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32019)
Size
27 kB (26983 bytes)
Hash
f8b4311e9b5b0b079b52cd057289c79f
950a8424cd75e591ac7a6de58d4db19ac42915b8
39422d6375b1232d550f801f848e49b7902f6c3117eb5670be1002b902ba3908

HTTP Headers

GET /ajax/libs/jquery/2.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 26983
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e7e"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1145417
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bySRGtoKklfhF4XeHCv%2FbskO8tnsIhGdQmRAk3p3x4K3U9bAj%2BqeO%2BFd1jEBLK6coxicyrWF0YnOIwz8LrxJb1bydijl1kazLw1u1Uev1lMft5fWtvqXBvVJ5zVlhauJaEQelMBW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f5be4bb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

104.17.25.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (31997)
Size
10 kB (10158 bytes)
Hash
da09af9c30411ac4ea58fa932c2bcdf1
3021a222be0168efcad5db279a305485935aeff5
19e819601b91eb75c0609dd6343a344f280a94b83e06e58595bafff5b12ca7f4

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 10158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4101123
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2F8S%2F%2BkU5Fs2ob%2F2BkjJCTbFixcNw2kXrP9Xch9g%2Bn2hzscGQGZrziG1GN%2BEJk9fPSubQAe9c6dO6CQegQlaIsLvTfhe6Po4GMWx8Ccy7NwmkxbsjJHafY3n0MenewxELuzQuGEZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f5be4eb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4934
Cache-Control: max-age=149566
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:47:17 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
c0fc9cb5cffb933db9bad8a49fb959c3
f47df948c2011914c2c77f5a871b68770d2c9601
ea0d43cc822237f8996d6b6a238a5362e0c845d84a57581210baaf00a879d7bd

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 04:14:31 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "599F53480ECBCB5E6D430BB4AFC8AEF2A74C29B1"
Expires: Tue, 06 Dec 2022 15:00:00 GMT
Last-Modified: Tue, 06 Dec 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 907
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775231f5fcf91c16-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=123

172.217.21.168

404 Not Found

1.6 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=123
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1574 bytes)
Hash
727d70112212cf2c949d12548932490b
8d0410504540d3657a17c4e046a0941ff8111808
80dff8ef8d861a942fbe7baad3ed0aa032f738c13c092fd238a4d0892cb70ad8

HTTP Headers

GET /gtm.js?id=123 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bugaia.net/uploads/stander/158713492852480.png.webp

68.65.122.94

200 OK

35 kB

URL HTTP/2
bugaia.net/uploads/stander/158713492852480.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
35 kB (34584 bytes)
Hash
804efc7fa6c41ee41447bbb686473d65
e5caf8583ce97a0e69b96864aedcbab3ea22ff88
e1e157c751776682e3e785e4147cd9e149dfef0b651ba97502f76ace183da081

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/stander/158713492852480.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 34584
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/

68.65.122.94

200 OK

16 kB

URL HTTP/2
bugaia.net/
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31892)
Size
16 kB (15526 bytes)
Hash
a4e063115a400521effa667e732d2b4a
093be2096d8c0a69eb34dc734e48d6b00c42b5bb
50740567aacb63b4fc3a19ab9554f59f756ea84e4038c7ec018c17daeff70cac

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; expires=Tue, 06-Dec-2022 06:14:30 GMT; Max-Age=7200; path=/; secure
bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D; expires=Tue, 06-Dec-2022 06:14:30 GMT; Max-Age=7200; path=/; httponly; secure
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 04:14:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/css/icons.css

68.65.122.94

200 OK

490 B

URL HTTP/2
bugaia.net/assets/css/icons.css
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1727), with no line terminators
Size
490 B (490 bytes)
Hash
ee4e819e82e0a6e7161c914c26b05df1
8e660fb7d5241d9a85d0834fcab45bc2139e4150
52d61cc8864bc8bab51a4a5a15ec8010c9d89e05db67b6e801dfe41f1da1a0c9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/icons.css HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: text/css
last-modified: Thu, 04 Feb 2021 23:49:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 490
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158967080612293.png.webp

68.65.122.94

200 OK

1.2 kB

URL HTTP/2
bugaia.net/uploads/Services/158967080612293.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1222 bytes)
Hash
0e6187be1467984517c7675b9f08a1bd
5ec6de974e939c8846fcf5ecfcebbe2620da8000
edb405d632fe7f8c1843e3b83805ffd88b7855ab2592e377bee94a92c9ad05ff

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158967080612293.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1222
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158967065682015.png.webp

68.65.122.94

200 OK

1.7 kB

URL HTTP/2
bugaia.net/uploads/Services/158967065682015.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.7 kB (1700 bytes)
Hash
25474b023b3433bb262efd64f3c15b41
6f5a64ca8a2ab642420b1f681a0878ebd33e00b7
52a1908adf9167324893faf161d49bdda7d9730e95d6ba7f69d44ec3f1fc0b9c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158967065682015.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1700
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158967013253102.png.webp

68.65.122.94

200 OK

1.1 kB

URL HTTP/2
bugaia.net/uploads/Services/158967013253102.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.1 kB (1132 bytes)
Hash
abb1c1ed3a4fbe6ce736ed9bb9f6be8b
4656ca2812b83b71313792629274d75e3d1f24cc
7b18e1a712fcac9693b560cdcabff5613089adcffeed720c5c5e66642a2be1a8

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158967013253102.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1132
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158967043380709.png.webp

68.65.122.94

200 OK

1.2 kB

URL HTTP/2
bugaia.net/uploads/Services/158967043380709.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1222 bytes)
Hash
0e6187be1467984517c7675b9f08a1bd
5ec6de974e939c8846fcf5ecfcebbe2620da8000
edb405d632fe7f8c1843e3b83805ffd88b7855ab2592e377bee94a92c9ad05ff

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158967043380709.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1222
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158966926685223.png.webp

68.65.122.94

200 OK

1.2 kB

URL HTTP/2
bugaia.net/uploads/Services/158966926685223.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1190 bytes)
Hash
11b3c8346c1081e645ba230bcec2716f
29cce8e6090cdd6c3ef056ebc3a3ce77f2c3b0ab
6ca05b99b862ee476f8bf502ac9d111f44ce28b973a972d13b82ad7386b78848

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158966926685223.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1190
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158966973110459.png.webp

68.65.122.94

200 OK

1.1 kB

URL HTTP/2
bugaia.net/uploads/Services/158966973110459.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.1 kB (1074 bytes)
Hash
c3f124353182f33df5e8e76f1eb0b68b
8b60e91d0e865942bd1c32ee43395413207b3e39
1dffdb67af4a038e546736f800f36bd34d687cf41a9e65e00486ff2b6b574639

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158966973110459.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1074
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158966903169880.png.webp

68.65.122.94

200 OK

1.2 kB

URL HTTP/2
bugaia.net/uploads/Services/158966903169880.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1190 bytes)
Hash
11b3c8346c1081e645ba230bcec2716f
29cce8e6090cdd6c3ef056ebc3a3ce77f2c3b0ab
6ca05b99b862ee476f8bf502ac9d111f44ce28b973a972d13b82ad7386b78848

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158966903169880.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1190
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158966770775768.png.webp

68.65.122.94

200 OK

732 B

URL HTTP/2
bugaia.net/uploads/Services/158966770775768.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
732 B (732 bytes)
Hash
c7b9a3e399f6e85d002a7fe3fb9a0855
d77303f29fea5b13c07a2665e02abed03760a9df
78b1c1c73f68dd61d5ea18bb88d45f3a244133edf6ca2e873fcfc10e1724eeef

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158966770775768.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 732
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158966805523267.png.webp

68.65.122.94

200 OK

1.2 kB

URL HTTP/2
bugaia.net/uploads/Services/158966805523267.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1190 bytes)
Hash
11b3c8346c1081e645ba230bcec2716f
29cce8e6090cdd6c3ef056ebc3a3ce77f2c3b0ab
6ca05b99b862ee476f8bf502ac9d111f44ce28b973a972d13b82ad7386b78848

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158966805523267.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1190
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/Services/158966433165945.png.webp

68.65.122.94

200 OK

732 B

URL HTTP/2
bugaia.net/uploads/Services/158966433165945.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
732 B (732 bytes)
Hash
c7b9a3e399f6e85d002a7fe3fb9a0855
d77303f29fea5b13c07a2665e02abed03760a9df
78b1c1c73f68dd61d5ea18bb88d45f3a244133edf6ca2e873fcfc10e1724eeef

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/Services/158966433165945.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 732
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/projectType/158974791852781.png.webp

68.65.122.94

200 OK

2.5 kB

URL HTTP/2
bugaia.net/uploads/projectType/158974791852781.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2458 bytes)
Hash
3f2bb96c3656fc0338b25112c21d4424
123569f1a5fe10922fa2b917e176a3ceb6eb5723
6e6e96e87278d65b1404dd4ed0fb15e59a3caba1e1f93e9b99b755ae19852776

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/projectType/158974791852781.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2458
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/projectType/158974783660719.png.webp

68.65.122.94

200 OK

3.8 kB

URL HTTP/2
bugaia.net/uploads/projectType/158974783660719.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.8 kB (3794 bytes)
Hash
0b16c42919e97a88b0b80bf4e1f66960
b289df371c61b9197190c9d6c7b2e86b9a0d6a3a
c7a21dccd13ffbd2f238ec8f41898a722e330c71d4da393ba33cc06ba8679fca

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/projectType/158974783660719.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 3794
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/projectType/158974761834881.png.webp

68.65.122.94

200 OK

1.6 kB

URL HTTP/2
bugaia.net/uploads/projectType/158974761834881.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1608 bytes)
Hash
8b0ae54ba04c52a30912e058ec1a0be9
401a0a4904b0c179a468ab01f6efae8f1bb979d9
14d28ad602effa0237888043604025da5dfd7d655596a8871f6d9edfb910a22d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/projectType/158974761834881.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1608
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/shape1.png.webp

68.65.122.94

200 OK

616 B

URL HTTP/2
bugaia.net/assets/images/shape1.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
616 B (616 bytes)
Hash
18a6abb4c45dc5117e0864219266f209
cac19d41408d1a42a5b2edde235f802d7fb4fb90
d439fe4555f6ffc3368e70b5aa68155124998c5458089660c401099fb53db8bc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/shape1.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 616
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/projectType/158974774544159.png.webp

68.65.122.94

200 OK

1.6 kB

URL HTTP/2
bugaia.net/uploads/projectType/158974774544159.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1588 bytes)
Hash
92c20aa1f3497c66229a00e1ee46be9c
8f0d3da231876c45e0b9ab49acb48a0a2c99b693
b23ca8b148151d5a6433d4fd40f7efa87f94fee26e69ac5e8e0634c98324d4de

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/projectType/158974774544159.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1588
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/shape2.png.webp

68.65.122.94

200 OK

522 B

URL HTTP/2
bugaia.net/assets/images/shape2.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
522 B (522 bytes)
Hash
25505703c463825944372be537523f08
095c8f17b5c1f950a3b9a7e2d9b1d385072d1187
2796305de92f51116bf734d0c4e335894cd1bf5f13da5fbbdbd2ee54b8dc20e9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/shape2.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 522
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/shape4.png.webp

68.65.122.94

200 OK

2.9 kB

URL HTTP/2
bugaia.net/assets/images/shape4.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.9 kB (2920 bytes)
Hash
869a44093c4c8533d55bdac4c2132d6f
deb92ddbb6749fbaf6d6ced4f669184856de75e5
a573a11543f88f1eba68133c6f058ede53575cc8902b5d277aa2106633cf0f13

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/shape4.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2920
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/stander/158713492837386.png.webp

68.65.122.94

200 OK

29 kB

URL HTTP/2
bugaia.net/uploads/stander/158713492837386.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
29 kB (28726 bytes)
Hash
5714a65bde303d10e0b41ad6ea8249ea
c5cb72c661ada632cdaf08b81800ea09e25aed9b
4f67009fb61e2a1bcf2a2ec53c7679ec48b46f61aedcb43575c0fcf7e9eb79da

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/stander/158713492837386.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 28726
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/shape3.png.webp

68.65.122.94

200 OK

540 B

URL HTTP/2
bugaia.net/assets/images/shape3.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
540 B (540 bytes)
Hash
854d410d42538e696430f162ab9adffc
2418fc5ea71b75c66bb40c5adaa7fa1047c1ef14
9f696cbbbfe9334b5d2dd4fcdb0707cb856c93ccf05c3a2d6f121bdc25cf269e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/shape3.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 540
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/icon1.png.webp

68.65.122.94

200 OK

1.6 kB

URL HTTP/2
bugaia.net/assets/images/icon1.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1576 bytes)
Hash
fdd03f3eb149561c41a90cfb12af2906
07f3af002d5f88d566290e406bfe4735af07c578
39e3034cc56567d2e0e3e678a17bc7340cae664cfe8670fcf61a80e75528e739

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/icon1.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1576
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/icon2.png.webp

68.65.122.94

200 OK

1.6 kB

URL HTTP/2
bugaia.net/assets/images/icon2.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1630 bytes)
Hash
5def227abb644ebd6d5565264034ba4b
7244e8efc9cb8c29aa04cfe58594ec41bdc67473
0edff7c738aae1811a298ffb0c7f0f876ba4c04479f01fc06db72b754a56390c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/icon2.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1630
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/icon4.png.webp

68.65.122.94

200 OK

708 B

URL HTTP/2
bugaia.net/assets/images/icon4.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
708 B (708 bytes)
Hash
c6a79c452014645d43c2f85576e703e6
47c2ab83b242948cb6fab546acff93197bddffb7
53429af8f0138763cdccd2a503ae375ef0a0175a76466e717a232a29f5d4af2d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/icon4.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 708
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/wrk1.png.webp

68.65.122.94

200 OK

400 B

URL HTTP/2
bugaia.net/assets/images/wrk1.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
400 B (400 bytes)
Hash
2c58bcdb293ad51fbd675fc96da340dd
4f6181f5a78e0e768ad71c4d9d55917f39cbfa23
087373c6060f81139e88845ad5053e80163694433d15d61bab4059a85fdf8af1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/wrk1.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 400
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/shape5.png.webp

68.65.122.94

200 OK

7.2 kB

URL HTTP/2
bugaia.net/assets/images/shape5.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.2 kB (7214 bytes)
Hash
6481922ad5f002ce089c500e8cc202de
df52fc654fca22b500c92730fe8b312f460e9ec5
dba62aebabe3d0c2b62c5ab4ee1352bdcdb5724958db1886a7e460d35f5930d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/shape5.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 7214
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7555
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 04:14:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7555
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 04:14:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7555
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 04:14:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7555
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 04:14:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6920 bytes)
Hash
f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GgMHlvU3WIDYMF9fmZAajw_Y3zmPm2zojn7FTqgqtBj7e4qeu8Uokg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:05:53 GMT
age: 22119
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11469 bytes)
Hash
5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: El70-nSITf6MuEV19s_OMrwTcWIKO-u4JsghVUSzolero071AVGvjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:38:28 GMT
age: 23764
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8656 bytes)
Hash
30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zTGiKMan3uG3edx5AsFabNE4eG_dmzrIIOFCWcOxYN0UgSCGTNTtxw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:25 GMT
age: 21127
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5995 bytes)
Hash
3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cO5j7BIPh3GSOUqKDYYY2qmG6__Hn2XB9lFhhYT_WpOXya-9TTGtgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:24 GMT
age: 21128
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8749 bytes)
Hash
dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:21 GMT
age: 23171
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10594 bytes)
Hash
7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 22276
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bugaia.net/assets/images/icon3.png.webp

68.65.122.94

200 OK

2.4 kB

URL HTTP/2
bugaia.net/assets/images/icon3.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.4 kB (2358 bytes)
Hash
3880a86d96ece6bf5e92ede3c38b57f8
52b0b19be8ac5c9750f275b149732caa6c2a977c
f2772ffb610cba5c3505c29a11c4f7aac16d815fff4ed0ed2d939df2901650b1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/icon3.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2358
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/user.jpg.webp

68.65.122.94

200 OK

326 B

URL HTTP/2
bugaia.net/assets/images/user.jpg.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 32x35, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
326 B (326 bytes)
Hash
3f10b8041a94f8db6cf9366b697a4cbd
2f4d5a507199cd9c04c1ca63ea84d09a6c72e5b2
cd7c06b27bcae80c8c38059efd8818d07f8319797dd41eefef13037fae4aca81

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/user.jpg.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 326
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/client/159080333517670.png.webp

68.65.122.94

200 OK

1.7 kB

URL HTTP/2
bugaia.net/uploads/client/159080333517670.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.7 kB (1712 bytes)
Hash
939b2751d9cbcf12a870124be63c94e2
bbbc6bf90ed2ebaf37baa646dde3bac0d9e71bd1
86694968f02190881631620c5ed6d86955dc18c22bc75397dd6f821556d9e43c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/client/159080333517670.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1712
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/client/160008936383142.png.webp

68.65.122.94

200 OK

2.7 kB

URL HTTP/2
bugaia.net/uploads/client/160008936383142.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.7 kB (2668 bytes)
Hash
ef6b6c61882c0de3d278573a713ac1be
40609523468795ce214563f4abb4ff207d578890
741eaca7f135cfd82502f9e88b9d4a0a86f45a745e8f399c0f5f5b181f6955ff

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/client/160008936383142.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2668
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/client/159080339152875.png.webp

68.65.122.94

200 OK

1.3 kB

URL HTTP/2
bugaia.net/uploads/client/159080339152875.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1276 bytes)
Hash
3c62b24551e884e89f610e13fe70d380
0e16558275f21ae61cab2b6a3d5c2e3749a23f37
da099f36129fe24c8e4f38e9e21b4ec25f021a5400629b2aa614a441fd8a0b14

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/client/159080339152875.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1276
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/client/159080345421906.png.webp

68.65.122.94

200 OK

2.5 kB

URL HTTP/2
bugaia.net/uploads/client/159080345421906.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2514 bytes)
Hash
42278ee5070d2c9176a56c6f4b1dd4c8
c35a9a5aa2dd052a0721fe85cd7d212bb2b9619b
7ad12ce0d9e3ddd9f72e5dd942a3efdbe999a99abd782356f1ca46731304d12b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/client/159080345421906.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2514
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/js/bugaia.js

68.65.122.94

200 OK

525 B

URL HTTP/2
bugaia.net/assets/js/bugaia.js
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
525 B (525 bytes)
Hash
bc837126bb740df96bdd8d189fd51892
d6c0d6f6a8a76d3bdd08d295d07f6155c65da769
df4fa6d8f7c79bfb468639c4da117dffd666088a24823de48f310ee4cfeffe26

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/bugaia.js HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 525
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/client/160008931775531.png.webp

68.65.122.94

200 OK

2.3 kB

URL HTTP/2
bugaia.net/uploads/client/160008931775531.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2306 bytes)
Hash
8476e7bb5eb46ba51101fdb247efc24a
7f11fe548aa335b82a553805199f40965f914ac2
5a480cf6d16e5e2953fe84b84ff9f19d37f98dc00b52468b73b4721d4d9a5aed

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/client/160008931775531.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2306
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/js/main.js

68.65.122.94

200 OK

1.1 kB

URL HTTP/2
bugaia.net/assets/js/main.js
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1078 bytes)
Hash
17d0c33ac9352156d650f8002539f02e
f585053133bc91eb43d0e5c6865debab7e27ad04
fc1817688c83b38c600058615b47b445e788ddb8f26e168573424e06f4dad1ac

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/main.js HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1078
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/stander/158713492871545.png.webp

68.65.122.94

200 OK

34 kB

URL HTTP/2
bugaia.net/uploads/stander/158713492871545.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
34 kB (34392 bytes)
Hash
a2c21e13efe563451e7d299361bdf7a7
134aaeacd19dde8c7aab68ca25031e1db3e1cf81
50ea62e7d2fea1eee578c82438576d7d482faa28e45119fe0480b3ab4ffdc976

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/stander/158713492871545.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 34392
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/project/160009065495381.png.webp

68.65.122.94

200 OK

27 kB

URL HTTP/2
bugaia.net/uploads/project/160009065495381.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x924, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
27 kB (26750 bytes)
Hash
c88dcd27459ba55ae8000af97b58372a
d6e5df2c683aa64496b6c7ca6ea53b4088adfda5
d04f0a57e0bceb97b8d8c2684981e16d20063a1c2348b313498bf2e5fe78b00b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/project/160009065495381.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 26750
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/blogs/158975598286182.png.webp

68.65.122.94

200 OK

30 kB

URL HTTP/2
bugaia.net/uploads/blogs/158975598286182.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
30 kB (30376 bytes)
Hash
1378b3a2f48a9a4d86d8b55c71b1822f
0c92e02232932ff2ef2a28a354cfa9ebedce9c43
99761e417dbc4be96fffe2866881607396c44dd7538a2b3a3c979e6ddf450fa0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/blogs/158975598286182.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 30376
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
c526adaea6313d4245617c7471617d8e
b98308ddb5d0801b87a16ad87396033e59b61a9b
de9de78225ca1deceb99777f143debb1f33e11f7c4656c6baab99c10369b312a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 637
Cache-Control: max-age=127284
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:32 GMT
Etag: "638e0d5f-118"
Expires: Wed, 07 Dec 2022 15:35:56 GMT
Last-Modified: Mon, 05 Dec 2022 15:25:19 GMT
Server: ECS (amb/6B91)
X-Cache: HIT
Content-Length: 280

bugaia.net/uploads/blogs/158975212448488.png.webp

68.65.122.94

200 OK

30 kB

URL HTTP/2
bugaia.net/uploads/blogs/158975212448488.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
30 kB (30376 bytes)
Hash
1378b3a2f48a9a4d86d8b55c71b1822f
0c92e02232932ff2ef2a28a354cfa9ebedce9c43
99761e417dbc4be96fffe2866881607396c44dd7538a2b3a3c979e6ddf450fa0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/blogs/158975212448488.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 30376
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/blogs/158975454857803.png.webp

68.65.122.94

200 OK

30 kB

URL HTTP/2
bugaia.net/uploads/blogs/158975454857803.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
30 kB (30376 bytes)
Hash
1378b3a2f48a9a4d86d8b55c71b1822f
0c92e02232932ff2ef2a28a354cfa9ebedce9c43
99761e417dbc4be96fffe2866881607396c44dd7538a2b3a3c979e6ddf450fa0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/blogs/158975454857803.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 30376
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/client/159080329590334.png.webp

68.65.122.94

200 OK

43 kB

URL HTTP/2
bugaia.net/uploads/client/159080329590334.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
43 kB (43298 bytes)
Hash
b4b2d035791d40c88f28b17c1bfa672a
a0adc6de367ed947b42eee258d47779c2b8da7a0
050bef9dc31ac316aa47ae06c636e0598a5174f8e96e7690b46e7f592eaec698

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/client/159080329590334.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 43298
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/client/159080354649987.png.webp

68.65.122.94

200 OK

19 kB

URL HTTP/2
bugaia.net/uploads/client/159080354649987.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
19 kB (18664 bytes)
Hash
ed3cda0f77fb06d048521e02f98e9d5a
dd012def2bd00d5d8d961cba46fc97d84bda8659
234b905d5a01816a3652d1d9c50faf1e9bac783e16b6f2bdf0e1fbeaf93ab803

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/client/159080354649987.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 18664
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/client/159080342639278.png.webp

68.65.122.94

200 OK

17 kB

URL HTTP/2
bugaia.net/uploads/client/159080342639278.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
17 kB (16734 bytes)
Hash
49602e20704d13569d624dec4e574309
550b25bcbd1e3a3d623a872c58f01d311e4f8509
a7a70f477797f43a48c3fd70a2cd0b9f8e9f3f74f2de04afb15564a4a48b6c4a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/client/159080342639278.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 16734
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/prj0.png.webp

68.65.122.94

200 OK

41 kB

URL HTTP/2
bugaia.net/assets/images/prj0.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
41 kB (40568 bytes)
Hash
96fea818fcfd5e709170cd5f29cfbc6b
031f6a38169fee9573825e7e19ab2f50a8e31e55
959b1b448944107d32a449b65b8c21bab55f1b24e0e90f218076139b6268b086

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/prj0.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 40568
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/project/160009056766991.png.webp

68.65.122.94

200 OK

57 kB

URL HTTP/2
bugaia.net/uploads/project/160009056766991.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x927, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
57 kB (57328 bytes)
Hash
84cf513e68f6e5f79f847ffaf7b5793e
a13c4af6b873d9307139e80e87fc1479dcf62552
94e5f541974fc619b86d7f319b0dcf20f26693a8aebe2e4b1e94df0c8d1eb9da

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/project/160009056766991.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 57328
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/project/160009059712052.png.webp

68.65.122.94

200 OK

60 kB

URL HTTP/2
bugaia.net/uploads/project/160009059712052.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x921, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
60 kB (60406 bytes)
Hash
5769888a0af507380805df3571920292
3a865bff2259001dce31b7bcd7eccc92753ccd41
9f9f3d0ac9413113c709f946d5cbd9fe3ae5210a2a62554809849c601617dd63

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/project/160009059712052.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 60406
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/footer.svg

68.65.122.94

200 OK

9.9 kB

URL HTTP/2
bugaia.net/assets/images/footer.svg
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (10270), with CRLF line terminators
Size
9.9 kB (9891 bytes)
Hash
e05ac56009837c297fde9eeff4c3f731
b853aa17e87b6edd11ab4ad265364d6512047536
194cc8d7bfca82536749d4d6a7d96e532f5791dea0b07c75543820e250ab6053

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/footer.svg HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/svg+xml
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9891
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/mountain_header.svg

68.65.122.94

200 OK

870 B

URL HTTP/2
bugaia.net/assets/images/mountain_header.svg
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (464), with CRLF line terminators
Size
870 B (870 bytes)
Hash
7fcaa028293b37c7f2c679fbc147a940
0aeea91950beadc1e5f2c1e715779405489c2e18
96eeb8f0d8996d86f875c2d39123729bece1f13d23a73ae34a6d16d5949bd8f3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/mountain_header.svg HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/svg+xml
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 870
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/line.png

68.65.122.94

200 OK

15 kB

URL HTTP/2
bugaia.net/assets/images/line.png
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1857 x 342, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (15191 bytes)
Hash
d33098935f6c5ead76b10bc33e578dd4
81ab01e4bf12755ecb383c64f40fdd5767378ed5
f11753061280a8971a26771126aa6de2cc338593280b865f13ebb4c8375cd6f2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/line.png HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/png
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 15191
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/images/border.svg

68.65.122.94

200 OK

292 B

URL HTTP/2
bugaia.net/assets/images/border.svg
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
292 B (292 bytes)
Hash
d0c68c1eb2d67225fe79b494947c5b9a
2738abce3a32ccee47290342f6366eb613f382a9
f8a970ad4624aa4bb15ebccf357e973e73cb5295c5570913350e5e20be40091c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/border.svg HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/svg+xml
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 292
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/fonts/icons/icomoon.ttf?j739wf

68.65.122.94

200 OK

6.0 kB

URL HTTP/2
bugaia.net/assets/fonts/icons/icomoon.ttf?j739wf
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
6.0 kB (6000 bytes)
Hash
4924b41e1a178d65bc129ed1070fba6f
4da5f9363bc4c97d699b61324bb42f58974605e9
7da7287976498ed44b1b374efee17965b221bb3e7abf27d0ba46d64dadc227ec

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/icons/icomoon.ttf?j739wf HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/icons.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: font/ttf
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 6000
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/uploads/project/160009063425370.png.webp

68.65.122.94

200 OK

196 kB

URL HTTP/2
bugaia.net/uploads/project/160009063425370.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x933, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
196 kB (195742 bytes)
Hash
c405cdc6017cf7685e35731e1cf36cab
c2424f88a08866a47e044c01e6fb148dc6438c3e
e9061dae9549c949c7e1419f50f0de0bf1d1b095d534b6467eeeb29a9b20a39d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/project/160009063425370.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 195742
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-REGULAR.TTF

68.65.122.94

200 OK

56 kB

URL HTTP/2
bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-REGULAR.TTF
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 15 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.TajawalRegular1.000;1bou;Tajawal-RegularV\012- data
Size
56 kB (56088 bytes)
Hash
6b10b55e4df612910047b7e5d596a9d5
c13a0a9b2d0deb648b29442ac81a56516153f201
e04f9ee8d10ee25525bfbb4c44f856853568bd39de59c7bc9a2da1683fee01c3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/TAJAWAL/TAJAWAL-REGULAR.TTF HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: font/ttf
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 56088
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.11.207

200 OK

68 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32033)
Size
68 kB (67615 bytes)
Hash
68104fbed6174c3456c7d5155ca4bee9
6989867127139e026a4f4507e29ad9c86cd944a5
e99066ef04c6307878082711f41344199da7a7deaa9c811ad618100d146515d4

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 15749556
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775231f52cb5b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-BOLD.TTF

68.65.122.94

200 OK

57 kB

URL HTTP/2
bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-BOLD.TTF
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 15 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.TajawalBold1.000;1BOU;Tajawal-BoldTajawal\012- data
Size
57 kB (56568 bytes)
Hash
79bb19e04937c19974260fcb4128270e
e08459c45d81723a0275d1940c39b2c53f6e677c
4e73466ce60e5c69df0c5da4cf0ae6e60e5b29951ffbd9d3ce3b4cb68b391f74

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/TAJAWAL/TAJAWAL-BOLD.TTF HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: font/ttf
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 56568
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-EXTRABOLD.TTF

68.65.122.94

200 OK

56 kB

URL HTTP/2
bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-EXTRABOLD.TTF
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 15 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.Tajawal ExtraBoldRegular1.000;1BOU;Tajawa\012- data
Size
56 kB (56292 bytes)
Hash
7bbbfd28e8dbd463c9f449aa96ffd7ed
e0fc35c5b78b529a489597740eb49e134b81b690
853befc42ac27357f2041fab7e63947ad40b40f3caa51aede698b2eb5599ac90

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/TAJAWAL/TAJAWAL-EXTRABOLD.TTF HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
content-type: font/ttf
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 56292
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
c526adaea6313d4245617c7471617d8e
b98308ddb5d0801b87a16ad87396033e59b61a9b
de9de78225ca1deceb99777f143debb1f33e11f7c4656c6baab99c10369b312a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 638
Cache-Control: max-age=127284
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:14:33 GMT
Etag: "638e0d5f-118"
Expires: Wed, 07 Dec 2022 15:35:57 GMT
Last-Modified: Mon, 05 Dec 2022 15:25:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

bugaia.net/assets/images/fav.png.webp

68.65.122.94

200 OK

1.5 kB

URL HTTP/2
bugaia.net/assets/images/fav.png.webp
IP
68.65.122.94:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.5 kB (1546 bytes)
Hash
78411bc82e7f67621db63765c2d92113
a0db23ce103822623a57ba5d78b7ed90aa964257
b7ec8b763196f50d909a605332bf178a5e8e4e9425188a93bca168ab4f37b543

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/images/fav.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:33 GMT
content-type: image/webp
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1546
date: Tue, 06 Dec 2022 04:14:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 18410408
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775231f50cadb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:33 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202b897b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:33 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202b89db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:33 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"9075c2f5460b2832318d3c7217cc68cb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202c8a0b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:34 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202b89bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/5ae10d755f7cdf4f05339e3f/default

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/5ae10d755f7cdf4f05339e3f/default
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5ae10d755f7cdf4f05339e3f/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:33 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775231fe9ed8b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:14:33 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"bde99510bdf9ab7bbc9ce82519a19a36"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202b89eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations