Overview

URL yourtoday.net/index.php
IP 69.16.230.42
ASN LIQUIDWEB
Location United States
Report completed 2022-09-09 10:57:35 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-09 2 yourtoday.net/index.php Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-09 2 arkdcz.com Sinkholed


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.starfieldtech.com (1) 6616 2012-06-22 18:08:50 UTC 2022-09-09 04:45:38 UTC 192.124.249.24
mnemonic passive DNS landers.of-bo.com (1) 416367 2022-01-13 21:26:53 UTC 2022-09-08 07:23:07 UTC 172.67.155.108
mnemonic passive DNS yourtoday.net (2) 0 2015-07-14 10:30:05 UTC 2022-04-06 12:14:17 UTC 69.16.230.42 Unknown ranking
mnemonic passive DNS bam.nr-data.net (1) 630 2015-02-10 00:06:27 UTC 2022-09-09 04:40:58 UTC 162.247.241.14
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-09 05:37:59 UTC 143.204.55.35
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-09 04:40:33 UTC 34.120.237.76
mnemonic passive DNS kit.fontawesome.com (1) 1868 2019-03-29 02:12:52 UTC 2022-09-09 04:46:08 UTC 104.18.22.52
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-09 04:40:05 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-09 04:48:21 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-09 04:43:53 UTC 44.228.207.167
mnemonic passive DNS cartining-specute.com (1) 0 2021-01-31 23:37:43 UTC 2022-09-09 03:14:14 UTC 18.197.36.77 Unknown ranking
mnemonic passive DNS go.cyberslut2069.com (14) 0 2021-04-25 00:45:34 UTC 2022-09-08 17:01:28 UTC 54.230.111.59 Unknown ranking
mnemonic passive DNS dngsnl.com (7) 0 2022-02-10 12:26:02 UTC 2022-09-08 18:32:11 UTC 207.120.33.5 Unknown ranking
mnemonic passive DNS ka-p.fontawesome.com (3) 4489 2019-12-16 20:35:53 UTC 2022-09-09 04:34:28 UTC 104.18.22.52
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-09 09:00:59 UTC 142.250.74.10
mnemonic passive DNS geoip.enlistsecureup.com (1) 269993 2021-12-22 01:39:03 UTC 2022-09-08 21:03:26 UTC 163.171.128.172
mnemonic passive DNS www.fst-ent-lnk.com (1) 0 2020-07-30 13:54:41 UTC 2022-09-08 07:23:07 UTC 54.200.116.57 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-09 04:47:11 UTC 143.204.55.35
mnemonic passive DNS www.arkdcz.com (1) 767397 2021-10-26 21:03:57 UTC 2022-09-09 06:47:19 UTC 34.149.6.227
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-09 04:40:29 UTC 104.18.20.226
mnemonic passive DNS flirtyhoookup.com (1) 0 2020-03-26 11:26:33 UTC 2022-09-09 03:14:14 UTC 172.67.201.85 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-09 04:41:59 UTC 142.250.74.3
mnemonic passive DNS gaut-hil.com (3) 342928 2020-07-09 20:17:47 UTC 2022-09-09 08:40:07 UTC 52.45.156.125
mnemonic passive DNS fstlgin.com (1) 0 2022-06-21 19:32:49 UTC 2022-09-09 03:37:50 UTC 163.171.140.79 Unknown ranking
mnemonic passive DNS ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-09 06:05:00 UTC 93.184.220.29
mnemonic passive DNS ajax.aspnetcdn.com (1) 693 2012-05-24 13:35:31 UTC 2022-09-09 04:54:15 UTC 152.199.19.160


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 69.16.230.42

Date UQ / IDS / BL URL IP
2022-12-05 02:54:24 +0000
0 - 0 - 1 static.litube.net/ 69.16.230.42
2022-12-04 11:10:49 +0000
0 - 0 - 6 picoprojector.dealshopie.com/mobile-kit 69.16.230.42
2022-12-02 12:47:01 +0000
0 - 0 - 1 hipfile.com/j5trvplqq7nj/RowdyR.Scam.WorldFre (...) 69.16.230.42
2022-11-30 07:35:57 +0000
0 - 0 - 15 www.gadgetsblogger.com/2011/02/gadget-deja-un (...) 69.16.230.42
2022-11-30 07:15:10 +0000
0 - 0 - 1 www.onepennysheet.com/anon601/ 69.16.230.42

Last 5 reports on ASN: LIQUIDWEB

Date UQ / IDS / BL URL IP
2022-12-05 20:30:48 +0000
0 - 0 - 1 loopplanet.com/fonts/library.bin 67.227.214.170
2022-12-05 20:23:49 +0000
0 - 0 - 7 pharmaseek.co.za/ 67.225.140.30
2022-12-05 20:15:51 +0000
12 - 0 - 13 hakirasilimali.or.tz/public/oydlfu5k2HDtDTime (...) 67.227.213.152
2022-12-05 20:11:30 +0000
11 - 0 - 12 hakirasilimali.or.tz/public/k4fUHvn8g7knW1S9b (...) 67.227.213.152
2022-12-05 19:39:42 +0000
0 - 0 - 5 handyproperty.com.ng/nus/index.php?QBOT.zip 192.138.21.198

Last 2 reports on domain: yourtoday.net

Date UQ / IDS / BL URL IP
2022-09-09 22:20:31 +0000
0 - 0 - 1 yourtoday.net/index.php 69.16.230.42
2022-09-09 10:57:35 +0000
0 - 0 - 2 yourtoday.net/index.php 69.16.230.42

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-05 03:12:12 +0000
0 - 0 - 5 patio.brandonrfriedman.com/ 67.227.226.240
2022-12-05 01:15:05 +0000
0 - 0 - 5 mvyj.yy.wy5532.com/ 185.107.56.197
2022-12-04 02:34:47 +0000
0 - 0 - 4 deoseasr.org/acc/acc0unt/acc0unt/news/1474430 (...) 67.227.226.240
2022-12-04 01:00:03 +0000
0 - 0 - 5 indianbrachytherapy.org/ 67.227.226.240
2022-12-03 02:54:31 +0000
0 - 0 - 5 jhwwqsud.gov.wy5532.com/ 185.107.56.197


JavaScript

Executed Scripts (28)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (70)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 10:05:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P5cMVk90mTNTSRZtAAVFITu67swI7OYgP8Z_gmTe9H9NEbVeRbA6sw==
Age: 3098


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10556
Expires: Fri, 09 Sep 2022 13:53:20 GMT
Date: Fri, 09 Sep 2022 10:57:24 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vJMGIu4z7B96hvK-v4ZOUr_M2bonsshF3OCiS4MuIWDzihvMe-ZOJw==
age: 25850
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Sep 2022 10:57:24 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 10:56:07 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 11:38:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AIE4HonIvf0DXA5IMAwTug4CoGbk4Q1lO-1pBipWjsNPtVbOjlbK9g==
Age: 78


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3590
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 10:57:25 GMT
Last-Modified: Fri, 09 Sep 2022 09:57:35 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qUDvPKZsriBLpAasPk4Luw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.228.207.167
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1pOLm1l/qmIUqLRidkw8bJk9YIc=

                                        
                                            GET /index.php HTTP/1.1 
Host: yourtoday.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         69.16.230.42
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 10:57:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (636)
Size:   2284
Md5:    63eb33392f67f27cee05b550c196cec3
Sha1:   8d7f5b37879dec3c56b870061720e1aeb2427065
Sha256: 8b8ece74d5bf04a0ca18bbaefbbb9e7fde200dea1544c4728550fa3bc1aa0592

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9502
Expires: Fri, 09 Sep 2022 13:35:48 GMT
Date: Fri, 09 Sep 2022 10:57:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9502
Expires: Fri, 09 Sep 2022 13:35:48 GMT
Date: Fri, 09 Sep 2022 10:57:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9502
Expires: Fri, 09 Sep 2022 13:35:48 GMT
Date: Fri, 09 Sep 2022 10:57:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9502
Expires: Fri, 09 Sep 2022 13:35:48 GMT
Date: Fri, 09 Sep 2022 10:57:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9502
Expires: Fri, 09 Sep 2022 13:35:48 GMT
Date: Fri, 09 Sep 2022 10:57:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:15:21 GMT
age: 45725
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4002
Md5:    c9590b525c8b07a297c8784f02b161a1
Sha1:   cec8428d159a5bde29e89c64cfb04146f759d52b
Sha256: d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
age: 47510
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8354
Md5:    7afe346e3b24ea4388913b449d1ffc42
Sha1:   f5348ba99fb8966dded580409108316f4e4e1237
Sha256: 1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zdVUahmbPQ7sQMlg14M89JOwjN2PEM03GNLYEwxPjcaioRpyqb8isA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:26:32 GMT
age: 45054
etag: "70ede5692526afd351d134a391383461dafdc64f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4532
Md5:    a5fdeb374d4e3669ce5d9ff2cd22cd19
Sha1:   70ede5692526afd351d134a391383461dafdc64f
Sha256: 10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7218
x-amzn-requestid: 26a5c20b-1a4a-4543-b4b9-209b3fc445ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YId3DGeUoAMF9-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319a9c6-629ade4f617f37bf5a281103;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 08:37:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RnY_ItUJ0yOpsg80f5Su6oxr5ROLvYTSjuP4g0xrpWML_Qz-uqJ59w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "4e4e127039dd8099c63c3bde198118d2874f7342"
age: 47510
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7218
Md5:    3f8aeb20a6543be83f3e422796c4dc70
Sha1:   4e4e127039dd8099c63c3bde198118d2874f7342
Sha256: 0f9fdd1b577e4719f88620bb451131bfb120790479b4feccb4222647fb3ea453
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7139
x-amzn-requestid: 5125cc11-410a-4a86-a0cf-68950433b602
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFBoyHycIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318496b-5579dee14390c1b63e97e0fc;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QAFJoWNKPurEH344wsc43OZdBSFCrN7zlnQfTsrMrF6qKM4Wj0QV7w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:03:18 GMT
age: 46448
etag: "b9b1bf8291b6a66f260f82947966fa01ca78c61f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7139
Md5:    706c7ceb40056f848425ca7d994cedc8
Sha1:   b9b1bf8291b6a66f260f82947966fa01ca78c61f
Sha256: 739205893d17a123d2fac165f468314de14a99dc56c9e5b0ac79434f7c38b558
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
age: 23106
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3125
Md5:    0078c7a407144a1ede33aef6f734eecf
Sha1:   113393e0dbabb3aff949d19ab6517ba1082b622d
Sha256: 42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
                                        
                                            GET /page/bouncy.php?&bpae=GbhGtKvmvUx797vv%2FSpQeHr22kviANlvXqAy9vn9M4D3BtcYY5OKztGq6xtqXTXZVo8yCFUklkiNNNXDgUXbVfb%2FVDgxexh5x1Tvsq0sE9kiMoxJ%2BnCqN1rRUx9%2BaNUX9j0L9U28XaUPcIeREAmNj4%2FzuHnA%2F%2BtK21pYfGzwG2Q2V5M5GDVG5sM6NeQHg%2BpyqsAB34wt1tEc7knPOtV6pbe4qXoPXQzvtk4tFtbEakXbC8P7GG8aXPwfb4N84ojs4yfoysBqap2ItXfoF76q4ZWg8TxDJh2wHQ2K1CezVknr3nqpCHgh87ia6V7RhESC3o6uiwFVfNUaHA%2Ffq3ygit4eOoFu12UejfQEGBCU%2BkkdK%2B0khpzHFyhWj3JucsXQhYftJ42FwEERJARpWwH0qRq5%2Bp9%2BClefxJGAo9nagY1K%2BZ7EjPAqgJd5ugJNz6Rql4eq1Ya32dGHoYbFL8RS09h2whAe08yPxui0xo07l6daNqzI%2BbjFdOW8YpayvUxATMSe&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1 
Host: yourtoday.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtoday.net/index.php
Upgrade-Insecure-Requests: 1

                                         
                                         69.16.230.42
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 10:57:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   982
Md5:    879d465adb760d31e18bc15a92e0c441
Sha1:   19edda2060fac98a9ded3036aece2c3351ad4c32
Sha256: d64c3871fbf005aed13a8cbcf05beeffdc36616dbdebe7e9b29afb3855356778
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 10:57:27 GMT
Last-Modified: Fri, 09 Sep 2022 09:28:19 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rvJ6X8Dghwql0PW0Nvq26hkNWVLqKeXEg1fKFzoWJAqCwNIbcoozcg==
Age: 5348

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcredirect?visitid=2f969522-302e-11ed-b914-1260020ac2c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         52.45.156.125
HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
                                        
date: Fri, 09 Sep 2022 10:57:28 GMT
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: HZruNWXK
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3Dn19ck4pSWjZsA%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dwmb78c0pkd8vkqti23d3d3ls&caid=085bd64b-9381-4b3f-a170-3ece47b8393a&zpid=2f969522-302e-11ed-b914-1260020ac2c9&cid=wmb78c0pkd8vkqti23d3d3ls&rt=R HTTP/1.1 
Host: cartining-specute.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         18.197.36.77
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 09 Sep 2022 10:57:28 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://flirtyhoookup.com/?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wmb78c0pkd8vkqti23d3d3ls
pragma: no-cache
set-cookie: cc-v4=3HR0BJD062efEoblxZQ48yGgN6GNhwfSVcWAXFWQp0uU5Q2xQdnLHt%2FH9wZzyT5JkBzo3mx47ZWAKbhbq2n7xFPnN9ljlc34%2Fzq9ownlaeHuhLVH7cVg5Ksssq0%2F5AvhTeKvpY9lklZMwKFF5CCzqw%3D%3D; Max-Age=31536000; Expires=Sat, 09-Sep-2023 10:57:28 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 09 Sep 2022 10:57:28 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Sep 2022 15:23:27 GMT
Expires: Fri, 09 Sep 2022 15:23:27 GMT
ETag: "1d34f98e98b49e7fbfce9f3e1dab676981951038"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1845
Md5:    f0ac29e476a5b04dd20cf30b6a35e975
Sha1:   1d34f98e98b49e7fbfce9f3e1dab676981951038
Sha256: 530da5f66e218b1a35746bacaed835832bf3fb6cfb5a2806e5ce9e71e327b373
                                        
                                            GET /MSJ7L4/HX6G2NF/?sub1=418543&sub2=PjUasOLlIGNBIkTddZExxWomRrksAqvSKx HTTP/1.1 
Host: www.arkdcz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         34.149.6.227
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Fri, 09 Sep 2022 10:57:28 GMT
content-length: 169
location: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
set-cookie: uniqueClick_HX6G2NF=4b4671cf-cc56-49d0-9ba5-76f017c55f79:1662721048; Path=/; Expires=Sat, 10 Sep 2022 10:57:28 GMT; Secure; SameSite=None transaction_id=177886e099f1454bba17fda1f281a51e; Path=/; Expires=Thu, 08 Dec 2022 10:57:28 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 0d1115ce-f8fd-49ee-b51d-f1660b2dc7cc
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   169
Md5:    9220fa6a74cb61e83abe6f4d12da9a74
Sha1:   87b1d292558127a6269162024bf964fb20ac9ecd
Sha256: c6defd2864594e8f91900b527528531fb9365b33920a1299c2241eefdb89790b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /zcvisitor/2f969522-302e-11ed-b914-1260020ac2c9/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=37c9e6c0-26dd-11ed-b69b-12beee04f19b HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtoday.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         52.45.156.125
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Fri, 09 Sep 2022 10:57:27 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: rkcbMGrl
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2841
Md5:    0ddf2b6f9e3cd7df1d3e468b3f5b694d
Sha1:   ee719a700fc1faac3bb1cbd39d3ffe7102b3f5b6
Sha256: 6a822ef12c7f4af685f0fd9f552da8374bbc552084730d3a69ff928f34d849c5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 10:57:29 GMT
Etag: "63176374-1d7"
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: geXRZWp2so1uekPaLyehXXhnmbSsjDziqT0ZQob6Qm4SV8MCTTgH1w==

                                        
                                            GET /vrfttcyber/assets/images/themes/cyber/logo/logo.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 16420
last-modified: Thu, 02 Dec 2021 15:26:11 GMT
server: AmazonS3
date: Fri, 09 Sep 2022 02:21:25 GMT
etag: "4673cfc8d2708f4ebe2f821483548ccc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x0ckAoKcFSlE3YDVMrDQMnhZaPB9K0zSF5t9_f17d6a5nIAeM58iPA==
age: 30965
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 637 x 156, 8-bit/color RGBA, non-interlaced\012- data
Size:   16420
Md5:    4673cfc8d2708f4ebe2f821483548ccc
Sha1:   815322d33fb4298771be6a43e14b821d365766d7
Sha256: f2cd404c754d24e0721a08f4b203d5b9853c4bd229c62f339edf1f46195b2154
                                        
                                            GET /vrfttcyber/assets/images/girls/hair01_tits01_tattoo01.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 330574
date: Fri, 09 Sep 2022 01:31:57 GMT
last-modified: Thu, 02 Dec 2021 15:25:53 GMT
etag: "8d7069ee14a82c9f9139a5d08882497a"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MNX229-OPh5pBpF9oxxULNS8Uc15Xj19HOlNDJ5_IEY4owTBQWL0Zg==
age: 33933
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 790 x 1600, 8-bit colormap, non-interlaced\012- data
Size:   330574
Md5:    8d7069ee14a82c9f9139a5d08882497a
Sha1:   0310dd9990c5888f8d51b4defa3ca78ce820b3e2
Sha256: 933adcdf66e29312523119f0f868488a25e92a5b05e0443c961ca80aaeb42a9f
                                        
                                            GET /vrfttcyber/assets/images/flags/us.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2375
last-modified: Thu, 02 Dec 2021 15:25:52 GMT
server: AmazonS3
date: Fri, 09 Sep 2022 02:57:12 GMT
etag: "a2080b2d193dbbd3cb34b32ad919da62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z16i94WNmG7nutHd1Q45dA8yuQn5GXo7AiDvXFq3uvtgItR63KGhkA==
age: 28818
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 132, 8-bit colormap, non-interlaced\012- data
Size:   2375
Md5:    a2080b2d193dbbd3cb34b32ad919da62
Sha1:   f822886642e0388d79c8f5917b41f27efbdec94b
Sha256: 5b38ab13f52bc95184012a4b6afafa3eca7a6ac03c762515b4550b4337548ca7
                                        
                                            GET /vrfttcyber/assets/images/beyblade.gif HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 36298
date: Fri, 09 Sep 2022 04:43:41 GMT
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
etag: "93a41ee339dd621452c6aa4054e8eca8"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G6SLnoatDQ-V1ndKgDdg736en4OGbtG99ghgd4fG3vGK--ucJcpApw==
age: 22429
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   36298
Md5:    93a41ee339dd621452c6aa4054e8eca8
Sha1:   a1f75cc251cbe7291cefd06fd91b4c35b6c93612
Sha256: 0ea3f03b9e168629659c281ec66fd5a82d36d7b6fd644381c18ecad41e62a5a3
                                        
                                            GET /vrfttcyber/assets/locale/style/en.css HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 192
date: Fri, 09 Sep 2022 04:43:41 GMT
last-modified: Thu, 02 Dec 2021 15:25:59 GMT
etag: "9749fa77c9872329d27a73ea48c2d4c0"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GQ7UnmgcXLVFY8w9x_l8am-hQNZlOoSehrjz_tnQ95iQ9vvt-rQdOg==
age: 22429
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   192
Md5:    9749fa77c9872329d27a73ea48c2d4c0
Sha1:   4cb73328ffbb21a8f4588d512c9cdffa11232f8d
Sha256: e75fb29290acb854de53014f67a449f915d8ea8ab263cd6ba8a0bc72023a5c8b
                                        
                                            GET /vrfttcyber/assets/images/btn.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1968
date: Fri, 09 Sep 2022 04:07:06 GMT
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
etag: "08913323d52eadb319526e6fbe2e677b"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tdZF6LinJaiW9TVZ6gorB6CEgPQUwGQ3ectO6Hwpg7sdPM6EvUrVbw==
age: 24624
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 343 x 79, 8-bit/color RGBA, non-interlaced\012- data
Size:   1968
Md5:    08913323d52eadb319526e6fbe2e677b
Sha1:   eff7964b7f5ed2ef285593fab5ed7b89e358b401
Sha256: f0a7b6d7c1ed46c5056a52e6ab470959a0671cf03b5ae22e97a37591ba14aa03
                                        
                                            GET /bundle.js HTTP/1.1 
Host: landers.of-bo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.155.108
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Sep 2022 10:57:29 GMT
x-amz-id-2: E1iZQsAhGg3SjYuTzzcBGkhQtszxLD0aCyYnpV0H/N6wLcUlGLBdyO4Sc6M4P/KQrNMAcRotfEA=
x-amz-request-id: YGXAS2QERW7Z6X0K
last-modified: Tue, 09 Aug 2022 22:05:52 GMT
etag: W/"2f68fb7cd74453a748e232155e853e64"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1881
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bie6Vgfak7WgLZlEQQb30cguwrVOV0RXkACN9dbmjdSGpb4BrB9lGqrRAFVs602rb32%2FBerdxraIJ3P0uWri7hgBtqZOn96eJl%2FLl3uPDO40N%2BkLR0AaQSr5Ban1t00LJTsEhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f673d9f2eb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2014)
Size:   33947
Md5:    3d33f2940a6b988109868695da6e72c1
Sha1:   3f47a7af50f0d724602c5802eb932fe589bc817f
Sha256: a344c2ea22af0cdb1e4d9b9eb0edfa23d3e6ca02f33dfd423c985829ecb8c09d
                                        
                                            GET /vrfttcyber/assets/sounds/general/click2.mp3 HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 206 Partial Content
content-type: application/octet-stream
                                        
content-length: 15590
last-modified: Thu, 02 Dec 2021 15:26:03 GMT
server: AmazonS3
date: Fri, 09 Sep 2022 04:58:51 GMT
etag: "2694fd6fc680f77dcf1ae58d9b8ba926"
vary: Accept-Encoding
content-range: bytes 0-15589/15590
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gc3KC8LKxosLZhIO4ZQIPVrepvaWL-hUbyxUIqLuyVeB1YKNV7zMFg==
age: 21519
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Size:   15590
Md5:    2694fd6fc680f77dcf1ae58d9b8ba926
Sha1:   6016e8fb7136ec769fbe6d120c7c97d390922564
Sha256: 4266071bbd14949a438e1d9a958cac2f0b128963b6f6e9fa96b005ed8e718f9e
                                        
                                            GET /vrfttcyber/assets/images/themes/cyber/background/bkg.jpg HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 13989
date: Fri, 09 Sep 2022 04:43:41 GMT
last-modified: Thu, 02 Dec 2021 15:26:08 GMT
etag: "d5dabdf9d18c947ea72fe90f8c39e31e"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Syh0edLMhb9efgUmE_644W-UBVeGCLeYmv9q0jwP3iF4fhLY5IRojw==
age: 22429
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1081, components 3\012- data
Size:   13989
Md5:    d5dabdf9d18c947ea72fe90f8c39e31e
Sha1:   33a5e90f4a59072ab4b3d73204fff01d6a08a0f8
Sha256: d940cab6f0a1fe6a425596757ac2a10b89fb4311acfd34aba2f075c0e2338f09
                                        
                                            GET /vrfttcyber/assets/images/browsers/firefox.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 127454
last-modified: Thu, 02 Dec 2021 15:25:36 GMT
server: AmazonS3
date: Fri, 09 Sep 2022 10:57:29 GMT
etag: "ff5982c71adc3b6a987a2192b6008949"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g99BIv1Y59DvBYz91DTUz_j9iOEG0B8w9sEf91lATmMFVCu6gvu5GA==
age: 20284
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   127454
Md5:    ff5982c71adc3b6a987a2192b6008949
Sha1:   c2819962300bfa4db9dd7ee6f22e35ea910a3808
Sha256: 612ec2b0a5a9d4b3841189d8c4af98509df5ac48eeea5ab1945dfd0e1eab78b3
                                        
                                            GET /vrfttcyber/assets/images/box.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 13243
date: Fri, 09 Sep 2022 04:02:22 GMT
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
etag: "0fcc2772acc897c48dae5c6f52093388"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3B0zvk0DUDSRAbAYmkyb9K3mprU-FC1iTX_oMjUnbYUQKxQHNKcq2Q==
age: 24908
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 747 x 644, 8-bit/color RGBA, non-interlaced\012- data
Size:   13243
Md5:    0fcc2772acc897c48dae5c6f52093388
Sha1:   c8a80e850168e1fd7b761327dd460054e7451d8e
Sha256: e73f3a488ee9e68ff4484df002b38a200aee2170617bb0746e05c7f992135805
                                        
                                            GET /vrfttcyber/assets/sounds/general/music.mp3 HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 206 Partial Content
content-type: application/octet-stream
                                        
content-length: 3165435
date: Fri, 09 Sep 2022 03:46:53 GMT
last-modified: Thu, 02 Dec 2021 15:26:05 GMT
etag: "8482f7c1977139c5f5bbb2af66e88e01"
server: AmazonS3
content-range: bytes 0-3165434/3165435
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xUGreJ-XIVL_9B4cQ8efcoCfwMgnwltDO0NdmB7xBZo6icBuIg0Oew==
age: 25837
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Size:   3165435
Md5:    8482f7c1977139c5f5bbb2af66e88e01
Sha1:   0a7325177e7b98d2809f05beb496a301fb8a1d3b
Sha256: 6cb796e9dc70bd32aca90e420a8e7b3cc548569f42d876e384e0d073d3b4c7a1
                                        
                                            GET /vrfttcyber/assets/font/tomorrow.ttf HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: application/x-font-ttf
                                        
date: Fri, 09 Sep 2022 01:37:09 GMT
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
etag: W/"0a9ac70c15e2fc709830d2eccb2b8cff"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K5JMLnhSIc5dK4u5iSjGABJoCQngCl7ol7dwnVJco8iZMBvrUFWiBA==
age: 33621
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25041
Md5:    35ec2b17ad2bb55c617de4926a7e109b
Sha1:   c15d69e7347204f158bd5fb24026b9022d1b4fa6
Sha256: 0fd71ed3c467a42baf0c3bad8d506bda8efa7410d028f46fa83cfa49de2aeaf0
                                        
                                            GET /vrfttcyber/assets/images/flags/no.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 414
date: Thu, 08 Sep 2022 16:39:32 GMT
last-modified: Thu, 02 Dec 2021 15:25:47 GMT
etag: "55946900ad615ec4b62748677444f5b7"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W0-ChtHH3bxVxWHFd6s75zAYFWR11_2_Sh6ctn3BsMlGh89WnUlThA==
age: 65878
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 182, 8-bit colormap, non-interlaced\012- data
Size:   414
Md5:    55946900ad615ec4b62748677444f5b7
Sha1:   8a0f25e081a3266ef7f8ab939417d5c7d48a09d7
Sha256: c82386961fded0d9947ad3320b7ff4c066eea989d082b6409a0815ce0f9a6eb5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 10:57:29 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Oa626o-ccvtyD3wXqpMJtA9LXDi1KMvwERKN4TxACUtzD87RpkphGQ==

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 10:57:30 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 13 Sep 2022 08:09:45 GMT
ETag: "cefd0ff43e1d64ddfd08b4d96c26368e0c032613"
Last-Modified: Fri, 09 Sep 2022 08:09:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747f67464978b4eb-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    ba1074ac1fee7645ad1596a850587e8f
Sha1:   cefd0ff43e1d64ddfd08b4d96c26368e0c032613
Sha256: 82147136cd03c90dabdc7df469cc2d22ea2cc11587c50d7c3bda06b981246977
                                        
                                            GET /zcredirect?visitid=2f969522-302e-11ed-b914-1260020ac2c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcvisitor/2f969522-302e-11ed-b914-1260020ac2c9/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=37c9e6c0-26dd-11ed-b69b-12beee04f19b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         52.45.156.125
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Fri, 09 Sep 2022 10:57:28 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: uQlLTABJ
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1297
Md5:    f08888addf392a5e6ba1c8514fb668ad
Sha1:   a6ca08e60957dae9160f749cd699badb7c9dca40
Sha256: 16290cbc0f0dbeca1a5e1e885bb6eb4a9086c84b33681a6115afbb13a08d69f2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1007
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 10:57:31 GMT
Last-Modified: Fri, 09 Sep 2022 10:40:44 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1 
Host: ajax.aspnetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         152.199.19.160
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 7447787
cache-control: public,max-age=31536000
date: Fri, 09 Sep 2022 10:57:31 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   19629
Md5:    7e2bb6028f0b19917a1a2d1944fc72b1
Sha1:   e1837fc75ee2ddd24c6e1df6b309ea212b57e681
Sha256: cc6093bd7162882fd34252fb5d3e8e7d07247e3b70fad894320bf2a960abeda5
                                        
                                            GET /?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wmb78c0pkd8vkqti23d3d3ls HTTP/1.1 
Host: flirtyhoookup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.201.85
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Fri, 09 Sep 2022 10:57:28 GMT
location: https://www.arkdcz.com/MSJ7L4/HX6G2NF/?sub1=418543&sub2=PjUasOLlIGNBIkTddZExxWomRrksAqvSKx
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
set-cookie: k=SFMyNTY.g3QAAAAEbQAAAARhdW5xdAAAAAFtAAAABTMxNTQ4bQAAAApLb3lYenJRa3JSbQAAAANoaWRtAAAAIlBqVWFzT0xsSUdOQklrVGRkWkV4eFdvbVJya3NBcXZTS3htAAAAAmhsZAADbmlsbQAAAAN1bnFtAAAADExBaExua0VCbUVjZw.fpej4s5MGtJ0iw1xBcKaXwhDGVV6jXjhGI4gFrtWqL4; path=/; expires=Sat, 09 Sep 2023 10:57:28 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2B5u8O%2BQWjNWCd0thEQxOg4bc5BJYO%2Bm1xZ9S5eLm%2FnZihsIcGpTBM8E%2B6edUPMjmznsOoVSPWdQ5Q0DTIamCQ%2FoNekN6qSAN1%2FUtXUaIK2%2BbUrojFgbxG8k0U4k5qLFaQTYEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f6738cea8b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9999
Md5:    88bc010735eef2a5f7612a52549a6407
Sha1:   a458ddd918c8734725fd62181c7d98dbc17072a1
Sha256: f0d9745e8d593b5a06d04ebd88cf7d67c7c495c9f76a60098664710fb22486c4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 10:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 10:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 10:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /common_tpls/compactML/css/epcjfgacs2.css HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e&epcCID=i669FcJbIecfUae1D8G064g8tc2eM8yfu&rtid=2794886965
Cookie: PHPSESSID=4f33dfd98e84da5536f5df895b564ba6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.5
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Sep 2022 10:57:31 GMT
content-length: 8861
last-modified: Thu, 15 Jul 2021 14:49:08 GMT
etag: W/"60f04ae4-bac6"
content-encoding: gzip
section-io-cache-id: 7164883a8ba3dfe078a87b97411fd385
vary: Accept-Encoding
x-varnish: 1618688 2040496
age: 224
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: dc362910b49e6a92c673c16a1478b6a8
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8861
Md5:    8baefa9235356383901af17857ab60c7
Sha1:   6281517070ee798472613658703156ac35c07ae4
Sha256: 3f25245183ea47e8d4b9846dd1a0412b463ae4290f4dc9650723ba9219bd82e3
                                        
                                            GET /common_tpls/images/icons/email.png HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e&epcCID=i669FcJbIecfUae1D8G064g8tc2eM8yfu&rtid=2794886965
Cookie: PHPSESSID=4f33dfd98e84da5536f5df895b564ba6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.5
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Sep 2022 10:57:31 GMT
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:08 GMT
etag: "599b3538-4e6"
section-io-cache-id: 86005dc6133da463d685900b500d58bd
x-varnish: 2492080 2457712
age: 1131
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 2ed7f71f7d40afe2d7b429e407b2b83a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size:   1254
Md5:    a86d99b9176d82a211cfa29b2f0b353f
Sha1:   62947ddfd87e3a21869818885e4bfa4e55ad0c11
Sha256: f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
                                        
                                            GET /signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e HTTP/1.1 
Host: fstlgin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.cyberslut2069.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         163.171.140.79
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Fri, 09 Sep 2022 10:57:30 GMT
server: PWS/8.3.1.0.8
set-cookie: PHPSESSID=486957ea26b4dca65647360947a6fddb; path=/; secure; SameSite=None
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e&epcCID=i669FcJbIecfUae1D8G064g8tc2eM8yfu&rtid=2794886965
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PShlamstdAMS1cc96:17 (W)
x-px: ms PShlamstdAMS1cc96AMS,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 631b1c1a_PShlamstdAMS1se91_38192-53399
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max speed, from Unix\012- data
Size:   47887
Md5:    849949f9a15966ea2a8e98b9f4b40cf1
Sha1:   cd75eb2b6788a72d9d697c864b589978827f9b3e
Sha256: 766918f097cdc33e9f32740f3cc421b1b3f67ba604293144982dc1a9a9a0fe51
                                        
                                            GET /common_tpls/images/icons/password.png HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e&epcCID=i669FcJbIecfUae1D8G064g8tc2eM8yfu&rtid=2794886965
Cookie: PHPSESSID=4f33dfd98e84da5536f5df895b564ba6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.5
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Sep 2022 10:57:31 GMT
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:35:03 GMT
etag: "599c5d37-5ac"
section-io-cache-id: da1bcee0488b09a3725d57cdc6e5692f
x-varnish: 1618690 163273
age: 955
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: bd76ea69120895c84ee1c74bef462993
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size:   1452
Md5:    6f100f1cdbdce928118ffa4c9293ca5b
Sha1:   6b1a3593e792d4c00187d60560dd03fb42df1156
Sha256: 8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
                                        
                                            GET /common_tpls/js/form_support.js?v=1516308712 HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e&epcCID=i669FcJbIecfUae1D8G064g8tc2eM8yfu&rtid=2794886965
Cookie: PHPSESSID=4f33dfd98e84da5536f5df895b564ba6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.5
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Sep 2022 10:57:31 GMT
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 00:12:19 GMT
etag: W/"600623e3-3d1"
section-io-cache-id: b7bd170091f94c48aacc28eeb4976a36
x-varnish: 2492079 2231451
age: 1137
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 0a7f8a5287f6183eacbcf4c9045ca742
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 10:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Sep 2022 10:57:31 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 13 Sep 2022 09:43:19 GMT
ETag: "90ec4ee923df312baa0166f07813ca529356d606"
Last-Modified: Fri, 09 Sep 2022 09:43:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747f674dec25b4eb-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    a7da3430f4cc2f01b22cf3c1d52e73ae
Sha1:   90ec4ee923df312baa0166f07813ca529356d606
Sha256: 54841633ec583d981485afc1f631ba9ba80f7a262b4dd9a03e94dfbef712b1f6
                                        
                                            GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dngsnl.com/
Origin: https://dngsnl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Sep 2022 10:57:31 GMT
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 664550
accept-ranges: bytes
server: cloudflare
cf-ray: 747f674e0e63b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26366)
Size:   4194
Md5:    7fd743485fa194e25e2a207bff6c258a
Sha1:   97c999d752b95ee1ed6271a29aa58109dc17281e
Sha256: dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
                                        
                                            GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dngsnl.com/
Origin: https://dngsnl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Sep 2022 10:57:31 GMT
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 664550
accept-ranges: bytes
server: cloudflare
cf-ray: 747f674e0e62b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65397)
Size:   54194
Md5:    dc9270247a97f75913a5d8934c24de03
Sha1:   ed9b0fa01b552571f99d529ed355b2ba91cfc48d
Sha256: 847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
                                        
                                            GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dngsnl.com/
Origin: https://dngsnl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Sep 2022 10:57:31 GMT
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 664550
accept-ranges: bytes
server: cloudflare
cf-ray: 747f674e0e61b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27832)
Size:   2603
Md5:    eaaabd3f60063923cd5333eb1d7a20a1
Sha1:   0da69706105e28896a1f6eeaa91d5bec1b82f7f1
Sha256: f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
                                        
                                            GET /b314bdf1b3.js HTTP/1.1 
Host: kit.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dngsnl.com
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 09 Sep 2022 10:57:31 GMT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxDOkOaSbBI2tu8RsiEC
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 747f674d3d23b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   22225
Md5:    909b873f5304f952335e0a25a5660309
Sha1:   e23696897a873943d29f65db0946f90d8e58b999
Sha256: 18f4a892b32a602423baddc6596776c0cdd85dd280d4e0a42c150fe30ae4367d
                                        
                                            GET /acct/trk/?rtid=2794886965 HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6Ijc3MGI1YmZkMzNkYTEzOTEiLCJ0ciI6IjliZGU5MTg0YTQ2ZDgzNzUzMDYxM2YxMTllNWFiMGM0IiwidGkiOjE2NjI3MjEwNDM0ODl9fQ==
traceparent: 00-9bde9184a46d837530613f119e5ab0c4-770b5bfd33da1391-01
tracestate: 3355250@nr=0-1-3355250-1103078842-770b5bfd33da1391----1662721043489
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e&epcCID=i669FcJbIecfUae1D8G064g8tc2eM8yfu&rtid=2794886965
Cookie: PHPSESSID=4f33dfd98e84da5536f5df895b564ba6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.5
HTTP/2 200 OK
content-type: text/json;charset=UTF-8
                                        
date: Fri, 09 Sep 2022 10:57:32 GMT
content-length: 21
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 2007232
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: c210bce96147da4408ec584baae1f4af
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   21
Md5:    3a5d3ebf01adfe3c61e36937668442b2
Sha1:   50fb0ce52a3a08f3392f96a293637648232a175f
Sha256: 8c21637fffeb2275697c3509376bfb91fbd5f9be6e7d09501e6dc2d9751ee905
                                        
                                            GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2923&ck=1&ref=https://dngsnl.com/acct/epc68088/add/&ap=76&be=2355&fe=2804&dc=2801&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662721040673,%22n%22:0,%22f%22:1568,%22dn%22:1570,%22dne%22:1605,%22c%22:1605,%22s%22:1710,%22ce%22:1919,%22rq%22:1920,%22rp%22:2245,%22rpe%22:2245,%22dl%22:2251,%22di%22:2789,%22ds%22:2800,%22de%22:2802,%22dc%22:2802,%22l%22:2802,%22le%22:2805%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Fri, 09 Sep 2022 10:57:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 747f67511bd9b4f4-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=10b030bbce5b5a12; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e&epcCID=i669FcJbIecfUae1D8G064g8tc2eM8yfu&rtid=2794886965
Cookie: PHPSESSID=4f33dfd98e84da5536f5df895b564ba6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
207.120.33.5
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 09 Sep 2022 10:57:31 GMT
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:05:04 GMT
etag: W/"56b368a0-3445"
section-io-cache-id: 264817e0e52ec656924fe5962883d681
x-varnish: 2492081 1811788
age: 1139
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 1d19727244f3a571a6c5accd918bd1a0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5029
Md5:    1ad0794619bdfdcc56f6bc5377e77fa4
Sha1:   7c9117b9c763dd8d849f25d4fa7d8066f883e710
Sha256: e09058b4ff5e954bdbbe07d81c21226a00a3d7249a03e3d839714e7039bec42f
                                        
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 10:57:31 GMT
date: Fri, 09 Sep 2022 10:57:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
163.171.128.172
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 09 Sep 2022 10:57:32 GMT
server: waf/4.31.15-0.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-DFW-01gGZ147:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 631b1c1b_PSdgflkfFRA1vg90_47775-20971
set-cookie: HMF_CI=a7c1eac0a4b9c605114d3c51622b3c93cb68ff072c9cc6f1d16588212542a13744c73dc96d79bc8cb26f529c8df40c6218891861cade6f190b13f3f9439376fc32; Expires=Sun, 09-Oct-22 10:57:32 GMT; Path=/
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /ep.php/prmagms:71475/68088:415.177886e099f1454bba17fda1f281a51e HTTP/1.1
Host: www.fst-ent-lnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
54.200.116.57
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 10:57:30 GMT
location: https://fstlgin.com/signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e
set-cookie: AWSALB=Ho6JZPCJ0rfQNgHieBG8XjbkKxdovqWm0SsSbV+pX6KxOFCqdc/FIK//wq6s2TbtrliRoRI6nQAcOQwQBfGJ7Q+kUHrDEdJggyeYOdTkkD13AUZOrsJTCM6ERlG5; Expires=Fri, 16 Sep 2022 10:57:29 GMT; Path=/ AWSALBCORS=Ho6JZPCJ0rfQNgHieBG8XjbkKxdovqWm0SsSbV+pX6KxOFCqdc/FIK//wq6s2TbtrliRoRI6nQAcOQwQBfGJ7Q+kUHrDEdJggyeYOdTkkD13AUZOrsJTCM6ERlG5; Expires=Fri, 16 Sep 2022 10:57:29 GMT; Path=/; SameSite=None; Secure vip_id=68088.47267-138906; expires=Mon, 12-Sep-2022 10:57:30 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /common_tpls/js/validate_form_v2.js?jsv=25 HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47267-138906.415.177886e099f1454bba17fda1f281a51e&epcCID=i669FcJbIecfUae1D8G064g8tc2eM8yfu&rtid=2794886965
Cookie: PHPSESSID=4f33dfd98e84da5536f5df895b564ba6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
207.120.33.5
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 09 Sep 2022 10:57:31 GMT
vary: Accept-Encoding
last-modified: Wed, 27 Jul 2022 20:38:46 GMT
etag: W/"62e1a256-5a7b"
section-io-cache-id: 1ba721aaac5ffbbcc0de5976b51630ef
x-varnish: 1618689 2103102
age: 1089
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: dae49a42a47d0499bc8381f4f9d71e88
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /css2?family=Poppins:wght@300;400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 10:57:31 GMT
date: Fri, 09 Sep 2022 10:57:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=177886e099f1454bba17fda1f281a51e&tk=MSJ7L4 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
54.230.111.59
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 23 Dec 2021 16:52:18 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Sep 2022 22:57:31 GMT
etag: W/"0d1c30819e500f4f596aa3421773d64f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dHAqAVsQCku5BWSNmKhmT_SLABlRMD1-7B8BAEG2z3pckRvJD9GPdw==
age: 43199
X-Firefox-Spdy: h2


--- Additional Info ---