Overview

URL bugaia.net/
IP 68.65.122.94 (United States)
ASN #22612 NAMECHEAP-NET
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-12-06 04:14:42 UTC
IDS alerts 0
Blocklist alert 171
urlquery alerts No alerts detected
Tags None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (6) 344 No data No data 95.101.11.115
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.42.74.230
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-12-05 08:37:19 UTC 172.217.21.168
bugaia.net (58) 0 2019-12-17 08:06:14 UTC 2022-12-05 15:35:38 UTC 68.65.122.94 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
cdnjs.cloudflare.com (8) 235 2015-04-17 20:46:33 UTC 2022-12-05 07:49:46 UTC 104.17.25.14
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.65.229
ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
maxcdn.bootstrapcdn.com (2) 724 2014-06-18 00:37:31 UTC 2022-12-05 08:40:25 UTC 104.18.11.207
embed.tawk.to (6) 8650 2014-03-19 21:03:49 UTC 2022-12-05 09:03:51 UTC 104.22.24.131
ocsp.digicert.com (12) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 bugaia.net/ Malware
2022-12-06 2 bugaia.net/uploads/stander/158713492852480.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158967080612293.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158967065682015.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158967013253102.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158967043380709.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158966926685223.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158966973110459.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158966903169880.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158966770775768.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158966805523267.png.webp Malware
2022-12-06 2 bugaia.net/uploads/Services/158966433165945.png.webp Malware
2022-12-06 2 bugaia.net/uploads/projectType/158974791852781.png.webp Malware
2022-12-06 2 bugaia.net/uploads/projectType/158974783660719.png.webp Malware
2022-12-06 2 bugaia.net/uploads/projectType/158974761834881.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/shape1.png.webp Malware
2022-12-06 2 bugaia.net/uploads/projectType/158974774544159.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/shape2.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/shape4.png.webp Malware
2022-12-06 2 bugaia.net/uploads/stander/158713492837386.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/shape3.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/icon1.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/icon2.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/icon4.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/wrk1.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/shape5.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/icon3.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/user.jpg.webp Malware
2022-12-06 2 bugaia.net/uploads/client/159080333517670.png.webp Malware
2022-12-06 2 bugaia.net/uploads/client/160008936383142.png.webp Malware
2022-12-06 2 bugaia.net/uploads/client/159080339152875.png.webp Malware
2022-12-06 2 bugaia.net/uploads/client/159080345421906.png.webp Malware
2022-12-06 2 bugaia.net/assets/js/bugaia.js Malware
2022-12-06 2 bugaia.net/uploads/client/160008931775531.png.webp Malware
2022-12-06 2 bugaia.net/assets/js/main.js Malware
2022-12-06 2 bugaia.net/uploads/stander/158713492871545.png.webp Malware
2022-12-06 2 bugaia.net/uploads/project/160009065495381.png.webp Malware
2022-12-06 2 bugaia.net/uploads/blogs/158975598286182.png.webp Malware
2022-12-06 2 bugaia.net/uploads/blogs/158975212448488.png.webp Malware
2022-12-06 2 bugaia.net/uploads/blogs/158975454857803.png.webp Malware
2022-12-06 2 bugaia.net/uploads/client/159080329590334.png.webp Malware
2022-12-06 2 bugaia.net/uploads/client/159080354649987.png.webp Malware
2022-12-06 2 bugaia.net/uploads/client/159080342639278.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/prj0.png.webp Malware
2022-12-06 2 bugaia.net/uploads/project/160009056766991.png.webp Malware
2022-12-06 2 bugaia.net/uploads/project/160009059712052.png.webp Malware
2022-12-06 2 bugaia.net/assets/images/footer.svg Malware
2022-12-06 2 bugaia.net/assets/images/mountain_header.svg Malware
2022-12-06 2 bugaia.net/assets/images/border.svg Malware
2022-12-06 2 bugaia.net/uploads/project/160009063425370.png.webp Malware
2022-12-06 2 bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-REGULAR.TTF Malware
2022-12-06 2 bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-BOLD.TTF Malware
2022-12-06 2 bugaia.net/assets/fonts/TAJAWAL/TAJAWAL-EXTRABOLD.TTF Malware
2022-12-06 2 bugaia.net/assets/images/fav.png.webp Malware

mnemonic secure dns
Scan Date Severity Indicator Comment
2022-12-06 2 bugaia.net Sinkholed

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-06 2 bugaia.net Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 68.65.122.94
Date UQ / IDS / BL URL IP
2022-12-19 20:58:46 +0000 0 - 0 - 3 bugaia.net/uss/index.php 68.65.122.94
2022-12-06 22:00:13 +0000 0 - 0 - 8 bugaia.net/mcm/index.php?QBOT.zip 68.65.122.94
2022-12-06 21:40:29 +0000 0 - 0 - 8 tacticalammoandguns.com/iott/index.php?QBOT.zip 68.65.122.94
2022-12-06 21:23:13 +0000 0 - 0 - 8 tacticalammoandguns.com/iott/index.php?QBOT.zip 68.65.122.94
2022-12-06 04:14:42 +0000 0 - 0 - 171 bugaia.net/ 68.65.122.94


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-02-06 15:14:19 +0000 0 - 0 - 8 scrapella.com/bemob/amir/en/ 185.61.153.111
2023-02-06 14:57:23 +0000 0 - 0 - 4 accedi-ora-id.66-29-139-17.cprapid.com/home 66.29.139.17
2023-02-06 14:53:41 +0000 0 - 0 - 1 esystem-rks.com/office.com/quad/ 162.0.209.26
2023-02-06 14:13:41 +0000 0 - 0 - 0 admin.biet.in/t/R3wekYfYIdsieYQZ3q7dqA/jkZSqo (...) 66.29.132.77
2023-02-06 13:37:56 +0000 0 - 3 - 17 irsgov.cc/ 67.223.118.113


Last 3 reports on domain: bugaia.net
Date UQ / IDS / BL URL IP
2022-12-19 20:58:46 +0000 0 - 0 - 3 bugaia.net/uss/index.php 68.65.122.94
2022-12-06 22:00:13 +0000 0 - 0 - 8 bugaia.net/mcm/index.php?QBOT.zip 68.65.122.94
2022-12-06 04:14:42 +0000 0 - 0 - 171 bugaia.net/ 68.65.122.94


No other reports with similar screenshot

JavaScript

Executed Scripts (28)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (109)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7610
Expires: Tue, 06 Dec 2022 06:21:20 GMT
Date: Tue, 06 Dec 2022 04:14:30 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         68.65.122.94
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Tue, 06 Dec 2022 04:14:29 GMT
server: LiteSpeed
location: https://bugaia.net/
x-turbo-charged-by: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3191
Cache-Control: max-age=112200
Date: Tue, 06 Dec 2022 04:14:30 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:24:30 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 03:20:21 GMT
cache-control: public,max-age=3600
age: 3249
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19627
Expires: Tue, 06 Dec 2022 09:41:37 GMT
Date: Tue, 06 Dec 2022 04:14:30 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Cko+3nCTn340udcJMGS32EtZ9ZIBppvscV6imv5qFMLwnDHElfqWd/aTS+oJRBDSjelYseznhRM=
x-amz-request-id: K07QER9EB9SBE4NT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 03:48:46 GMT
age: 1544
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 04:14:30 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 04:11:20 GMT
cache-control: public,max-age=3600
age: 190
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 04:14:30 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:26:54 GMT
Expires: Sun, 11 Dec 2022 12:26:53 GMT
Etag: "551564be8c1ea89f2f860670d3b43baae9687b11"
Cache-Control: max-age=460942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775231f149390b69-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3145
Cache-Control: max-age=107087
Date: Tue, 06 Dec 2022 04:14:30 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:59:17 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: scAzNZY+PN3+HdWQSAadqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.42.74.230
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SrxDOnipGouBJWTt0lV2oVuP0hU=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2953
Cache-Control: max-age=99358
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638d973c-117"
Expires: Wed, 07 Dec 2022 07:50:29 GMT
Last-Modified: Mon, 05 Dec 2022 07:01:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=150449
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:00 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=150449
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:00 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
content-length: 2695
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-31fb"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1117476
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY99Pfij4MSQfvvFeeqbUBdImcQylZKXikfTjr8Mbp2i0SrOhmrw0Y3PE7udOqqA2PkcdOej2q2jzbnw3sHoNDAiLSWVqRnKcKe2yXxKT3eMNrGvNKgjhzsHa7BpIDbiKNY%2BCUHU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f53e14b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12795), with no line terminators
Size:   2695
Md5:    763b8aa8becf095178bc43d55da66e6d
Sha1:   c4a63a7fedd1693c5fa7dd18716ac8f8fd6570ae
Sha256: 1914fb16590956c63b1d05baca1201c6793b70ea52f7c256882d53dad7a199ca
                                        
                                            GET /ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
content-length: 19249
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-10a9d"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2114376
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yD4cg2jvzR34WUPH6HMje5BYu8nUgPiQdA0FemOPMTEogzUKGoAcei3KUpZ7hNmffS1wVKfujhHRdpqw70byfLmBhIPgkGDxLV8jahRK%2FysLl3tZqfOsTtz9du4VxxBh3sa3%2BS%2B6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f53e15b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (31972)
Size:   19249
Md5:    c8e69fc65287045e4f083a6bcd40b8e0
Sha1:   fa3a37740705510fe08c3b286ea9a81e2e4bb04d
Sha256: bffefe5f48974eeda69bb6a53127b10ee8244ba7f9dd4a925f2f2c1bde189db0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=150449
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:00 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/bootstrap-select/1.13.12/css/bootstrap-select.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
content-length: 1877
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-2b70"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15740077
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3T%2F2pD8KkVwLQjxUokkodXochPaIzA%2BdVcLBHU9GQXvtiPlhRX0dqqecBnK%2BSHyVLcxEE7n6ZFTb1R%2BXFsSIKYg8pLMHolVYvSrPagfKwXqmRzpjxoLb77swpPBdI9VOh%2F7hMbY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f55e1fb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10879), with CRLF line terminators
Size:   1877
Md5:    fa5a5f83784e8be2fc74e6a7ce9c5ec5
Sha1:   36c98dc25ca4c86522749860baf037a5a9407620
Sha256: 651daf006ddbba40e8f58095cbf404c26a3361ac20115c989448df1ef53e9b35
                                        
                                            GET /ajax/libs/bootstrap-select/1.13.12/js/bootstrap-select.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
content-length: 13484
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-c993"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15763844
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75UHmBpI5Vn%2BQN2d84kdZrwZ2Ny8RbB4SK8yZ9pUfdUq57b04xTm5CecTB0Ll8mVzYOAoZq%2BjZxhwhZbgRfYaAqXR4se%2FtfFx31j1aJ8Wakcg0ucuWFaQA%2B%2BHazGLJaes%2Bd3JvBz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f55e1bb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (51305), with CRLF line terminators
Size:   13484
Md5:    ec0dada007fe525d9e7cb03a950257cc
Sha1:   306ed2e50d7c9104c65a22bb642421d8c1bbc988
Sha256: 2ceee82f2ec6e5f5bd21a443e2c9044caa5fbbef925a0938de93bf0e95022626
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4934
Cache-Control: max-age=149566
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:47:17 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6051
Cache-Control: max-age=150683
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:05:54 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/parallax/3.1.0/parallax.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
content-length: 4655
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f40-43a2"
last-modified: Mon, 04 May 2020 16:13:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5303101
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rjhxHol3jyzdprBDByEagtv9vRclD7nVofx%2FKbwy%2Fq6zHJF25%2FgzCjCZBwjQ7SDrdtLvF7ppZE83aRdw%2BcLQeS1zbNhP6eyBmL0sngpZ8r3gS%2FNi4rcOqrYnc3U8j3lSvI%2FMKUC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f57e38b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17272)
Size:   4655
Md5:    0bb455442d6528ba3d5c5dac37f7107e
Sha1:   7d59cba826ed9b3bc08bcf4c86cbe75b9fc61503
Sha256: 3c05436d103f8b7074c0f148209867bb8848da7f0cbc74be0b900ad0e228d3f3
                                        
                                            GET /npm/sweetalert2@9 HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.65.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 9.17.4
x-jsd-version-type: version
etag: W/"1080d-uB5K/9b4efMtYCfkBM9HcldmPDk"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 04:14:31 GMT
age: 20608
x-served-by: cache-fra-eddf8230067-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17636
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (42473)
Size:   17636
Md5:    3d2d1d8f88b04245de2e6b5bceb87a51
Sha1:   224c6a193b5ddf089464884243db70694476473c
Sha256: c45b919f19c21090fa43adba07faf4f6cd3db02f114b98b0dc155a119d554ad4
                                        
                                            GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
content-length: 845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-d17"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 542026
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFBRmkDxXg1oYpxtAghbSuVis3GgFyVyREd1ccYOm1NLRoIDldxkMIMSqq9499qg%2Bj%2FY4dnIKJ%2BbmS2UyPBMvp%2BteRaBhz9mkycoDtFwJ0MU3lJFAhF8YFv9Tq4la55YrVehWsMY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f57e3ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3184)
Size:   845
Md5:    156afaf08dd47df971d3a40926c19974
Sha1:   d3f886560b55ff3c39d628ef16a71ca49cb7ecfb
Sha256: e4f93dd20cb7feb2c6d408b396e194928381545d24584431ab341ed094fb31fa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2953
Cache-Control: max-age=99358
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638d973c-117"
Expires: Wed, 07 Dec 2022 07:50:29 GMT
Last-Modified: Mon, 05 Dec 2022 07:01:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ajax/libs/jquery/2.2.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
content-length: 26983
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e7e"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1145417
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bySRGtoKklfhF4XeHCv%2FbskO8tnsIhGdQmRAk3p3x4K3U9bAj%2BqeO%2BFd1jEBLK6coxicyrWF0YnOIwz8LrxJb1bydijl1kazLw1u1Uev1lMft5fWtvqXBvVJ5zVlhauJaEQelMBW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f5be4bb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32019)
Size:   26983
Md5:    f8b4311e9b5b0b079b52cd057289c79f
Sha1:   950a8424cd75e591ac7a6de58d4db19ac42915b8
Sha256: 39422d6375b1232d550f801f848e49b7902f6c3117eb5670be1002b902ba3908
                                        
                                            GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
content-length: 10158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4101123
expires: Sun, 26 Nov 2023 04:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2F8S%2F%2BkU5Fs2ob%2F2BkjJCTbFixcNw2kXrP9Xch9g%2Bn2hzscGQGZrziG1GN%2BEJk9fPSubQAe9c6dO6CQegQlaIsLvTfhe6Po4GMWx8Ccy7NwmkxbsjJHafY3n0MenewxELuzQuGEZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775231f5be4eb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   10158
Md5:    da09af9c30411ac4ea58fa932c2bcdf1
Sha1:   3021a222be0168efcad5db279a305485935aeff5
Sha256: 19e819601b91eb75c0609dd6343a344f280a94b83e06e58595bafff5b12ca7f4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4934
Cache-Control: max-age=149566
Date: Tue, 06 Dec 2022 04:14:31 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:47:17 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 04:14:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "599F53480ECBCB5E6D430BB4AFC8AEF2A74C29B1"
Expires: Tue, 06 Dec 2022 15:00:00 GMT
Last-Modified: Tue, 06 Dec 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 907
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775231f5fcf91c16-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    c0fc9cb5cffb933db9bad8a49fb959c3
Sha1:   f47df948c2011914c2c77f5a871b68770d2c9601
Sha256: ea0d43cc822237f8996d6b6a238a5362e0c845d84a57581210baaf00a879d7bd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 04:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=123 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.217.21.168
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 04:14:31 GMT
server: Google Tag Manager
content-length: 1574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1574
Md5:    727d70112212cf2c949d12548932490b
Sha1:   8d0410504540d3657a17c4e046a0941ff8111808
Sha256: 80dff8ef8d861a942fbe7baad3ed0aa032f738c13c092fd238a4d0892cb70ad8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 04:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /uploads/stander/158713492852480.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 34584
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   34584
Md5:    804efc7fa6c41ee41447bbb686473d65
Sha1:   e5caf8583ce97a0e69b96864aedcbab3ea22ff88
Sha256: e1e157c751776682e3e785e4147cd9e149dfef0b651ba97502f76ace183da081

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         68.65.122.94
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; expires=Tue, 06-Dec-2022 06:14:30 GMT; Max-Age=7200; path=/; secure bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D; expires=Tue, 06-Dec-2022 06:14:30 GMT; Max-Age=7200; path=/; httponly; secure
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 04:14:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31892)
Size:   15526
Md5:    a4e063115a400521effa667e732d2b4a
Sha1:   093be2096d8c0a69eb34dc734e48d6b00c42b5bb
Sha256: 50740567aacb63b4fc3a19ab9554f59f756ea84e4038c7ec018c17daeff70cac

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/css/icons.css HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Thu, 04 Feb 2021 23:49:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 490
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1727), with no line terminators
Size:   490
Md5:    ee4e819e82e0a6e7161c914c26b05df1
Sha1:   8e660fb7d5241d9a85d0834fcab45bc2139e4150
Sha256: 52d61cc8864bc8bab51a4a5a15ec8010c9d89e05db67b6e801dfe41f1da1a0c9

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/Services/158967080612293.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1222
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1222
Md5:    0e6187be1467984517c7675b9f08a1bd
Sha1:   5ec6de974e939c8846fcf5ecfcebbe2620da8000
Sha256: edb405d632fe7f8c1843e3b83805ffd88b7855ab2592e377bee94a92c9ad05ff

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/Services/158967065682015.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1700
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1700
Md5:    25474b023b3433bb262efd64f3c15b41
Sha1:   6f5a64ca8a2ab642420b1f681a0878ebd33e00b7
Sha256: 52a1908adf9167324893faf161d49bdda7d9730e95d6ba7f69d44ec3f1fc0b9c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/Services/158967013253102.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1132
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1132
Md5:    abb1c1ed3a4fbe6ce736ed9bb9f6be8b
Sha1:   4656ca2812b83b71313792629274d75e3d1f24cc
Sha256: 7b18e1a712fcac9693b560cdcabff5613089adcffeed720c5c5e66642a2be1a8

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/Services/158967043380709.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1222
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1222
Md5:    0e6187be1467984517c7675b9f08a1bd
Sha1:   5ec6de974e939c8846fcf5ecfcebbe2620da8000
Sha256: edb405d632fe7f8c1843e3b83805ffd88b7855ab2592e377bee94a92c9ad05ff

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/Services/158966926685223.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1190
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1190
Md5:    11b3c8346c1081e645ba230bcec2716f
Sha1:   29cce8e6090cdd6c3ef056ebc3a3ce77f2c3b0ab
Sha256: 6ca05b99b862ee476f8bf502ac9d111f44ce28b973a972d13b82ad7386b78848

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/Services/158966973110459.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1074
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1074
Md5:    c3f124353182f33df5e8e76f1eb0b68b
Sha1:   8b60e91d0e865942bd1c32ee43395413207b3e39
Sha256: 1dffdb67af4a038e546736f800f36bd34d687cf41a9e65e00486ff2b6b574639

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/Services/158966903169880.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1190
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1190
Md5:    11b3c8346c1081e645ba230bcec2716f
Sha1:   29cce8e6090cdd6c3ef056ebc3a3ce77f2c3b0ab
Sha256: 6ca05b99b862ee476f8bf502ac9d111f44ce28b973a972d13b82ad7386b78848

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/Services/158966770775768.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 732
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   732
Md5:    c7b9a3e399f6e85d002a7fe3fb9a0855
Sha1:   d77303f29fea5b13c07a2665e02abed03760a9df
Sha256: 78b1c1c73f68dd61d5ea18bb88d45f3a244133edf6ca2e873fcfc10e1724eeef

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/Services/158966805523267.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1190
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1190
Md5:    11b3c8346c1081e645ba230bcec2716f
Sha1:   29cce8e6090cdd6c3ef056ebc3a3ce77f2c3b0ab
Sha256: 6ca05b99b862ee476f8bf502ac9d111f44ce28b973a972d13b82ad7386b78848

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/Services/158966433165945.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 732
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   732
Md5:    c7b9a3e399f6e85d002a7fe3fb9a0855
Sha1:   d77303f29fea5b13c07a2665e02abed03760a9df
Sha256: 78b1c1c73f68dd61d5ea18bb88d45f3a244133edf6ca2e873fcfc10e1724eeef

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/projectType/158974791852781.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2458
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2458
Md5:    3f2bb96c3656fc0338b25112c21d4424
Sha1:   123569f1a5fe10922fa2b917e176a3ceb6eb5723
Sha256: 6e6e96e87278d65b1404dd4ed0fb15e59a3caba1e1f93e9b99b755ae19852776

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/projectType/158974783660719.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 3794
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3794
Md5:    0b16c42919e97a88b0b80bf4e1f66960
Sha1:   b289df371c61b9197190c9d6c7b2e86b9a0d6a3a
Sha256: c7a21dccd13ffbd2f238ec8f41898a722e330c71d4da393ba33cc06ba8679fca

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/projectType/158974761834881.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1608
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1608
Md5:    8b0ae54ba04c52a30912e058ec1a0be9
Sha1:   401a0a4904b0c179a468ab01f6efae8f1bb979d9
Sha256: 14d28ad602effa0237888043604025da5dfd7d655596a8871f6d9edfb910a22d

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/shape1.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 616
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   616
Md5:    18a6abb4c45dc5117e0864219266f209
Sha1:   cac19d41408d1a42a5b2edde235f802d7fb4fb90
Sha256: d439fe4555f6ffc3368e70b5aa68155124998c5458089660c401099fb53db8bc

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/projectType/158974774544159.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1588
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1588
Md5:    92c20aa1f3497c66229a00e1ee46be9c
Sha1:   8f0d3da231876c45e0b9ab49acb48a0a2c99b693
Sha256: b23ca8b148151d5a6433d4fd40f7efa87f94fee26e69ac5e8e0634c98324d4de

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/shape2.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 522
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   522
Md5:    25505703c463825944372be537523f08
Sha1:   095c8f17b5c1f950a3b9a7e2d9b1d385072d1187
Sha256: 2796305de92f51116bf734d0c4e335894cd1bf5f13da5fbbdbd2ee54b8dc20e9

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/shape4.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2920
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2920
Md5:    869a44093c4c8533d55bdac4c2132d6f
Sha1:   deb92ddbb6749fbaf6d6ced4f669184856de75e5
Sha256: a573a11543f88f1eba68133c6f058ede53575cc8902b5d277aa2106633cf0f13

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/stander/158713492837386.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 28726
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   28726
Md5:    5714a65bde303d10e0b41ad6ea8249ea
Sha1:   c5cb72c661ada632cdaf08b81800ea09e25aed9b
Sha256: 4f67009fb61e2a1bcf2a2ec53c7679ec48b46f61aedcb43575c0fcf7e9eb79da

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/shape3.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 540
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   540
Md5:    854d410d42538e696430f162ab9adffc
Sha1:   2418fc5ea71b75c66bb40c5adaa7fa1047c1ef14
Sha256: 9f696cbbbfe9334b5d2dd4fcdb0707cb856c93ccf05c3a2d6f121bdc25cf269e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/icon1.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1576
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1576
Md5:    fdd03f3eb149561c41a90cfb12af2906
Sha1:   07f3af002d5f88d566290e406bfe4735af07c578
Sha256: 39e3034cc56567d2e0e3e678a17bc7340cae664cfe8670fcf61a80e75528e739

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/icon2.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1630
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1630
Md5:    5def227abb644ebd6d5565264034ba4b
Sha1:   7244e8efc9cb8c29aa04cfe58594ec41bdc67473
Sha256: 0edff7c738aae1811a298ffb0c7f0f876ba4c04479f01fc06db72b754a56390c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/icon4.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 708
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   708
Md5:    c6a79c452014645d43c2f85576e703e6
Sha1:   47c2ab83b242948cb6fab546acff93197bddffb7
Sha256: 53429af8f0138763cdccd2a503ae375ef0a0175a76466e717a232a29f5d4af2d

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/wrk1.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 400
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   400
Md5:    2c58bcdb293ad51fbd675fc96da340dd
Sha1:   4f6181f5a78e0e768ad71c4d9d55917f39cbfa23
Sha256: 087373c6060f81139e88845ad5053e80163694433d15d61bab4059a85fdf8af1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/shape5.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 7214
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   7214
Md5:    6481922ad5f002ce089c500e8cc202de
Sha1:   df52fc654fca22b500c92730fe8b312f460e9ec5
Sha256: dba62aebabe3d0c2b62c5ab4ee1352bdcdb5724958db1886a7e460d35f5930d1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7555
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 04:14:32 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7555
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 04:14:32 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7555
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 04:14:32 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7555
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 04:14:32 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GgMHlvU3WIDYMF9fmZAajw_Y3zmPm2zojn7FTqgqtBj7e4qeu8Uokg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:05:53 GMT
age: 22119
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6920
Md5:    f4193f05dfd1de8bf795f433d4387243
Sha1:   b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
Sha256: b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: El70-nSITf6MuEV19s_OMrwTcWIKO-u4JsghVUSzolero071AVGvjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:38:28 GMT
age: 23764
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11469
Md5:    5529617b0748f2d8c82ef99c1ac116a8
Sha1:   a862b74508113ae72b56b9b3de0c75ba559b9032
Sha256: 376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zTGiKMan3uG3edx5AsFabNE4eG_dmzrIIOFCWcOxYN0UgSCGTNTtxw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:25 GMT
age: 21127
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8656
Md5:    30d72693680b3ac91c0eee4d47a26196
Sha1:   cd923a5a3810bfe86be2eca4b97c739d76756d93
Sha256: 69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cO5j7BIPh3GSOUqKDYYY2qmG6__Hn2XB9lFhhYT_WpOXya-9TTGtgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:24 GMT
age: 21128
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5995
Md5:    3801236dc22938e1cc18947e90ea5326
Sha1:   5979d7dc3ba0eb61947282a4adeac8208b4148ae
Sha256: 3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:21 GMT
age: 23171
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8749
Md5:    dcb8fe0c4ba323ab2483fa290c291051
Sha1:   6706e02d6b95edc3a33c951f07d04b0fb7415b77
Sha256: 6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 22276
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10594
Md5:    7e1b54923ba506fde6b21c5bfb51ccc8
Sha1:   366aa3ab0790c496ea51bc08d1f2ff3358530d9e
Sha256: a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
                                        
GET /assets/images/icon3.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2358
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2358
Md5:    3880a86d96ece6bf5e92ede3c38b57f8
Sha1:   52b0b19be8ac5c9750f275b149732caa6c2a977c
Sha256: f2772ffb610cba5c3505c29a11c4f7aac16d815fff4ed0ed2d939df2901650b1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /assets/images/user.jpg.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 326
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 32x35, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   326
Md5:    3f10b8041a94f8db6cf9366b697a4cbd
Sha1:   2f4d5a507199cd9c04c1ca63ea84d09a6c72e5b2
Sha256: cd7c06b27bcae80c8c38059efd8818d07f8319797dd41eefef13037fae4aca81

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/client/159080333517670.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1712
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1712
Md5:    939b2751d9cbcf12a870124be63c94e2
Sha1:   bbbc6bf90ed2ebaf37baa646dde3bac0d9e71bd1
Sha256: 86694968f02190881631620c5ed6d86955dc18c22bc75397dd6f821556d9e43c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/client/160008936383142.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2668
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2668
Md5:    ef6b6c61882c0de3d278573a713ac1be
Sha1:   40609523468795ce214563f4abb4ff207d578890
Sha256: 741eaca7f135cfd82502f9e88b9d4a0a86f45a745e8f399c0f5f5b181f6955ff

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/client/159080339152875.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1276
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1276
Md5:    3c62b24551e884e89f610e13fe70d380
Sha1:   0e16558275f21ae61cab2b6a3d5c2e3749a23f37
Sha256: da099f36129fe24c8e4f38e9e21b4ec25f021a5400629b2aa614a441fd8a0b14

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /uploads/client/159080345421906.png.webp HTTP/1.1
Host: bugaia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.65.122.94
HTTP/2 200 OK
content-type: image/webp
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2514
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2514
Md5:    42278ee5070d2c9176a56c6f4b1dd4c8
Sha1:   c35a9a5aa2dd052a0721fe85cd7d212bb2b9619b
Sha256: 7ad12ce0d9e3ddd9f72e5dd942a3efdbe999a99abd782356f1ca46731304d12b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/js/bugaia.js HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 525
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   525
Md5:    bc837126bb740df96bdd8d189fd51892
Sha1:   d6c0d6f6a8a76d3bdd08d295d07f6155c65da769
Sha256: df4fa6d8f7c79bfb468639c4da117dffd666088a24823de48f310ee4cfeffe26

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/client/160008931775531.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 2306
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2306
Md5:    8476e7bb5eb46ba51101fdb247efc24a
Sha1:   7f11fe548aa335b82a553805199f40965f914ac2
Sha256: 5a480cf6d16e5e2953fe84b84ff9f19d37f98dc00b52468b73b4721d4d9a5aed

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/js/main.js HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1078
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1078
Md5:    17d0c33ac9352156d650f8002539f02e
Sha1:   f585053133bc91eb43d0e5c6865debab7e27ad04
Sha256: fc1817688c83b38c600058615b47b445e788ddb8f26e168573424e06f4dad1ac

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/stander/158713492871545.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 34392
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   34392
Md5:    a2c21e13efe563451e7d299361bdf7a7
Sha1:   134aaeacd19dde8c7aab68ca25031e1db3e1cf81
Sha256: 50ea62e7d2fea1eee578c82438576d7d482faa28e45119fe0480b3ab4ffdc976

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/project/160009065495381.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 26750
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x924, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   26750
Md5:    c88dcd27459ba55ae8000af97b58372a
Sha1:   d6e5df2c683aa64496b6c7ca6ea53b4088adfda5
Sha256: d04f0a57e0bceb97b8d8c2684981e16d20063a1c2348b313498bf2e5fe78b00b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/blogs/158975598286182.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 30376
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   30376
Md5:    1378b3a2f48a9a4d86d8b55c71b1822f
Sha1:   0c92e02232932ff2ef2a28a354cfa9ebedce9c43
Sha256: 99761e417dbc4be96fffe2866881607396c44dd7538a2b3a3c979e6ddf450fa0

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 637
Cache-Control: max-age=127284
Date: Tue, 06 Dec 2022 04:14:32 GMT
Etag: "638e0d5f-118"
Expires: Wed, 07 Dec 2022 15:35:56 GMT
Last-Modified: Mon, 05 Dec 2022 15:25:19 GMT
Server: ECS (amb/6B91)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /uploads/blogs/158975212448488.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 30376
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   30376
Md5:    1378b3a2f48a9a4d86d8b55c71b1822f
Sha1:   0c92e02232932ff2ef2a28a354cfa9ebedce9c43
Sha256: 99761e417dbc4be96fffe2866881607396c44dd7538a2b3a3c979e6ddf450fa0

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/blogs/158975454857803.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 30376
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   30376
Md5:    1378b3a2f48a9a4d86d8b55c71b1822f
Sha1:   0c92e02232932ff2ef2a28a354cfa9ebedce9c43
Sha256: 99761e417dbc4be96fffe2866881607396c44dd7538a2b3a3c979e6ddf450fa0

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/client/159080329590334.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 43298
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   43298
Md5:    b4b2d035791d40c88f28b17c1bfa672a
Sha1:   a0adc6de367ed947b42eee258d47779c2b8da7a0
Sha256: 050bef9dc31ac316aa47ae06c636e0598a5174f8e96e7690b46e7f592eaec698

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/client/159080354649987.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 18664
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   18664
Md5:    ed3cda0f77fb06d048521e02f98e9d5a
Sha1:   dd012def2bd00d5d8d961cba46fc97d84bda8659
Sha256: 234b905d5a01816a3652d1d9c50faf1e9bac783e16b6f2bdf0e1fbeaf93ab803

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/client/159080342639278.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 16734
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   16734
Md5:    49602e20704d13569d624dec4e574309
Sha1:   550b25bcbd1e3a3d623a872c58f01d311e4f8509
Sha256: a7a70f477797f43a48c3fd70a2cd0b9f8e9f3f74f2de04afb15564a4a48b6c4a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/images/prj0.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 40568
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   40568
Md5:    96fea818fcfd5e709170cd5f29cfbc6b
Sha1:   031f6a38169fee9573825e7e19ab2f50a8e31e55
Sha256: 959b1b448944107d32a449b65b8c21bab55f1b24e0e90f218076139b6268b086

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/project/160009056766991.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 57328
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x927, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   57328
Md5:    84cf513e68f6e5f79f847ffaf7b5793e
Sha1:   a13c4af6b873d9307139e80e87fc1479dcf62552
Sha256: 94e5f541974fc619b86d7f319b0dcf20f26693a8aebe2e4b1e94df0c8d1eb9da

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/project/160009059712052.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 60406
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x921, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   60406
Md5:    5769888a0af507380805df3571920292
Sha1:   3a865bff2259001dce31b7bcd7eccc92753ccd41
Sha256: 9f9f3d0ac9413113c709f946d5cbd9fe3ae5210a2a62554809849c601617dd63

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/images/footer.svg HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9891
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (10270), with CRLF line terminators
Size:   9891
Md5:    e05ac56009837c297fde9eeff4c3f731
Sha1:   b853aa17e87b6edd11ab4ad265364d6512047536
Sha256: 194cc8d7bfca82536749d4d6a7d96e532f5791dea0b07c75543820e250ab6053

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/images/mountain_header.svg HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 870
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (464), with CRLF line terminators
Size:   870
Md5:    7fcaa028293b37c7f2c679fbc147a940
Sha1:   0aeea91950beadc1e5f2c1e715779405489c2e18
Sha256: 96eeb8f0d8996d86f875c2d39123729bece1f13d23a73ae34a6d16d5949bd8f3

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/images/line.png HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 15191
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1857 x 342, 8-bit/color RGBA, non-interlaced\012- data
Size:   15191
Md5:    d33098935f6c5ead76b10bc33e578dd4
Sha1:   81ab01e4bf12755ecb383c64f40fdd5767378ed5
Sha256: f11753061280a8971a26771126aa6de2cc338593280b865f13ebb4c8375cd6f2

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/images/border.svg HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 292
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   292
Md5:    d0c68c1eb2d67225fe79b494947c5b9a
Sha1:   2738abce3a32ccee47290342f6366eb613f382a9
Sha256: f8a970ad4624aa4bb15ebccf357e973e73cb5295c5570913350e5e20be40091c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/fonts/icons/icomoon.ttf?j739wf HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/icons.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: font/ttf
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 6000
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size:   6000
Md5:    4924b41e1a178d65bc129ed1070fba6f
Sha1:   4da5f9363bc4c97d699b61324bb42f58974605e9
Sha256: 7da7287976498ed44b1b374efee17965b221bb3e7abf27d0ba46d64dadc227ec

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /uploads/project/160009063425370.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 195742
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x933, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   195742
Md5:    c405cdc6017cf7685e35731e1cf36cab
Sha1:   c2424f88a08866a47e044c01e6fb148dc6438c3e
Sha256: e9061dae9549c949c7e1419f50f0de0bf1d1b095d534b6467eeeb29a9b20a39d

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/fonts/TAJAWAL/TAJAWAL-REGULAR.TTF HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: font/ttf
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 56088
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 15 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.TajawalRegular1.000;1bou;Tajawal-RegularV\012- data
Size:   56088
Md5:    6b10b55e4df612910047b7e5d596a9d5
Sha1:   c13a0a9b2d0deb648b29442ac81a56516153f201
Sha256: e04f9ee8d10ee25525bfbb4c44f856853568bd39de59c7bc9a2da1683fee01c3

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.11.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 15749556
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775231f52cb5b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033)
Size:   67615
Md5:    68104fbed6174c3456c7d5155ca4bee9
Sha1:   6989867127139e026a4f4507e29ad9c86cd944a5
Sha256: e99066ef04c6307878082711f41344199da7a7deaa9c811ad618100d146515d4
                                        
                                            GET /assets/fonts/TAJAWAL/TAJAWAL-BOLD.TTF HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: font/ttf
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 56568
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 15 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.TajawalBold1.000;1BOU;Tajawal-BoldTajawal\012- data
Size:   56568
Md5:    79bb19e04937c19974260fcb4128270e
Sha1:   e08459c45d81723a0275d1940c39b2c53f6e677c
Sha256: 4e73466ce60e5c69df0c5da4cf0ae6e60e5b29951ffbd9d3ce3b4cb68b391f74

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/fonts/TAJAWAL/TAJAWAL-EXTRABOLD.TTF HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/assets/css/main.css
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: font/ttf
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:31 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 56292
date: Tue, 06 Dec 2022 04:14:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 15 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.Tajawal ExtraBoldRegular1.000;1BOU;Tajawa\012- data
Size:   56292
Md5:    7bbbfd28e8dbd463c9f449aa96ffd7ed
Sha1:   e0fc35c5b78b529a489597740eb49e134b81b690
Sha256: 853befc42ac27357f2041fab7e63947ad40b40f3caa51aede698b2eb5599ac90

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 638
Cache-Control: max-age=127284
Date: Tue, 06 Dec 2022 04:14:33 GMT
Etag: "638e0d5f-118"
Expires: Wed, 07 Dec 2022 15:35:57 GMT
Last-Modified: Mon, 05 Dec 2022 15:25:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /assets/images/fav.png.webp HTTP/1.1 
Host: bugaia.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRod3dmZG1mMTRDMGlDOER0VEVhbGc9PSIsInZhbHVlIjoiY1I3eHowbDFHK1poQ1V4V0FRTkgrSENXS2ZENE5IUXNVTjR1aElwRGI1Q3N4XC9KRWZRVWVCNDZ4WXNmcytYZ1wvIiwibWFjIjoiYjEzYWQ5ZTI5OTYyNDU5ZjYwMmY1YjlhNzdlNGQyNDQ4MTI3NmM5NDU1NWQ2NzZlZTViYjYwOWM1ODE5Y2M0MyJ9; bugaia_session=eyJpdiI6IkcxYThMcTEzNjJ0Qk11K0NBYWh6MlE9PSIsInZhbHVlIjoiTmV3Q0Z6cGxxN3V3MUtJMUFYQTI3czJoK3p4ODhqczgxVGRJV0tDZHo4Y1pMZGd3SkNIQW8rTHpOXC9Od2NsZU4iLCJtYWMiOiJhMjc1OTY0MzRjOWNhYjQ2ZjA0YzhkNTU5MWM2YjRkZGZkMjFkNzAyNjU3MTRjNzNhMDcxZjdjMTBlMDQxZGVkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.65.122.94
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:14:33 GMT
last-modified: Sun, 24 Jan 2021 16:50:16 GMT
accept-ranges: bytes
content-length: 1546
date: Tue, 06 Dec 2022 04:14:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1546
Md5:    78411bc82e7f67621db63765c2d92113
Sha1:   a0db23ce103822623a57ba5d78b7ed90aa964257
Sha256: b7ec8b763196f50d909a605332bf178a5e8e4e9425188a93bca168ab4f37b543

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.11.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 06 Dec 2022 04:14:31 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 18410408
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775231f50cadb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-main.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.22.24.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Dec 2022 04:14:33 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202b897b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.22.24.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Dec 2022 04:14:33 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202b89db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-runtime.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.22.24.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Dec 2022 04:14:33 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"9075c2f5460b2832318d3c7217cc68cb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202c8a0b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-vendor.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.22.24.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Dec 2022 04:14:34 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202b89bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5ae10d755f7cdf4f05339e3f/default HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         104.22.24.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 06 Dec 2022 04:14:33 GMT
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775231fe9ed8b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-chunk-common.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bugaia.net
Connection: keep-alive
Referer: https://bugaia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.22.24.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Dec 2022 04:14:33 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"bde99510bdf9ab7bbc9ce82519a19a36"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77523202b89eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---