Overview

URL www.macaubusiness.com/mna/
IP172.67.144.144
ASNCLOUDFLARENET
Location United States
Report completed2022-09-27 09:07:28 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 mbusiness.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed
2022-09-27 2 hogo.sgp1.digitaloceanspaces.com Sinkholed


Files

No files detected



Passive DNS (20)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS hogo.sgp1.digitaloceanspaces.com (12) 0 2022-05-19 08:48:44 UTC 2022-09-11 05:05:20 UTC 103.253.144.208 Unknown ranking
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-27 04:52:24 UTC 157.240.200.14
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.164
mnemonic passive DNS fonts.gstatic.com (7) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS mbusiness.sgp1.digitaloceanspaces.com (17) 0 2022-06-13 01:50:49 UTC 2022-09-11 05:05:20 UTC 103.253.144.208 Unknown ranking
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-27 04:52:22 UTC 64.233.162.155
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:12:16 UTC 23.36.77.32
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-27 04:39:28 UTC 142.250.74.72
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 34.217.237.91
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 04:53:17 UTC 34.120.237.76
mnemonic passive DNS www.macaubusiness.com (2) 0 2014-01-26 01:36:28 UTC 2022-09-27 03:44:09 UTC 104.21.39.107 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-09-27 04:15:00 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (14) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-27 04:52:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-09-27 04:35:02 UTC 104.18.47.230
mnemonic passive DNS www.macaubusiness.com (2) 0 2014-01-26 01:36:28 UTC 2022-09-27 03:44:09 UTC 172.67.144.144 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 07:18:49 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 05:44:40 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 04:13:22 UTC 143.204.55.49


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 172.67.144.144

Date UQ / IDS / BL URL IP
2022-09-27 09:07:28 +0000
0 - 0 - 29 www.macaubusiness.com/mna/ 172.67.144.144
2022-09-27 09:07:26 +0000
0 - 0 - 34 www.macaubusiness.com/category/mna/editorial/ 172.67.144.144

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-28 22:09:28 +0000
0 - 0 - 3 prelands.vikolo.live/meta/vietnam/penirumA/me (...) 104.21.28.242
2022-11-28 21:59:32 +0000
0 - 0 - 1 mikesbikes.com/ 23.227.38.32
2022-11-28 21:59:26 +0000
0 - 0 - 1 keeptosafe.top/SexyAlbum.zip?random=1233 172.67.193.24
2022-11-28 21:57:26 +0000
0 - 0 - 2 otbomks.cn/Qatarair/tb.php?bh=gw1669660683218 104.21.50.213
2022-11-28 21:57:06 +0000
0 - 0 - 1 nordstromsurvey.rest/DVLaHwuXkDzPPTAFGtcVJl0D (...) 104.21.35.194

Last 4 reports on domain: macaubusiness.com

Date UQ / IDS / BL URL IP
2022-09-27 09:07:28 +0000
0 - 0 - 29 www.macaubusiness.com/mna/ 172.67.144.144
2022-09-27 09:07:26 +0000
0 - 0 - 34 www.macaubusiness.com/category/mna/editorial/ 172.67.144.144
2022-09-11 05:05:19 +0000
0 - 0 - 25 www.macaubusiness.com/thirty-five-defendants- (...) 104.21.39.107
2022-09-11 05:05:19 +0000
0 - 0 - 26 www.macaubusiness.com/gambling-related-crime- (...) 104.21.39.107

No other reports with similar screenshot



JavaScript

Executed Scripts (61)


Executed Evals (5)

#1 JavaScript::Eval (size: 15544, repeated: 1) - SHA256: 87ee55b6a14be406e7e5057321bfa597cef65647f5277f0e2f558c08388ebc67

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var t = this || self,
        P = function(U) {
            return U
        },
        I = function(U, l) {
            if (!(l = (U = null, t.trustedTypes), l) || !l.createPolicy) return U;
            try {
                U = l.createPolicy("bg", {
                    createHTML: P,
                    createScript: P,
                    createScriptURL: P
                })
            } catch (W) {
                t.console && t.console.error(W.message)
            }
            return U
        };
    (0, eval)(function(U, l) {
        return (l = I()) && 1 === U.eval(l.createScript("1")) ? function(W) {
            return l.createScript(W)
        } : function(W) {
            return "" + W
        }
    }(t)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var f=function(U,l){U.h.splice(0,0,l)},E=function(U){return U.C?Uv(U.s,U):w(true,U,8)},u=function(U,l){if(U.C)return Uv(U.s,U);return(l=w(true,U,8),l)&128&&(l^=128,U=w(true,U,2),l=(l<<2)+(U|0)),l},WG=function(U,l,t,I){for(;l.h.length;){t=(l.T=null,l.h.pop());try{I=lY(t,l)}catch(D){S(D,l)}if(U&&l.T){(U=l.T,U)(function(){C(true,l,true)});break}}return I},tk=function(U,l){return(l=E(U),l)&128&&(l=l&127|E(U)<<7),l},C=function(U,l,t,I,D,W){if(l.h.length){l.N&&0(),l.N=true,l.cv=U;try{I=l.B(),l.Z=I,l.U=0,l.g=I,W=WG(U,l),D=l.B()-l.g,l.G+=D,D<(t?0:10)||0>=l.J--||(D=Math.floor(D),l.V.push(254>=D?D:254))}finally{l.N=false}return W}},M=function(U,l,t,I){for(I=(l|0)-1,t=[];0<=I;I--)t[(l|0)-1-(I|0)]=U>>8*I&255;return t},x=function(U,l,t){t=this;try{PG(this,U,l)}catch(I){S(I,this),U(function(D){D(t.S)})}},mr=function(U,l,t,I,D,W){if(!l.S){l.W++;try{for(W=(I=void 0,l.H),D=0;--U;)try{if((t=void 0,l).C)I=Uv(l.C,l);else{if((D=J(99,l),D)>=W)break;I=(g(l,492,D),t=u(l),J)(t,l)}y(false,false,l,(I&&I[IB]&2048?I(l,U):h([R,21,t],0,l),U))}catch(P){J(20,l)?h(P,22,l):g(l,20,P)}if(!U){if(l.hA){mr(553527590301,(l.W--,l));return}h([R,33],0,l)}}catch(P){try{h(P,22,l)}catch(V){S(V,l)}}l.W--}},V0=function(U,l,t,I){(I=(t=u(U),u)(U),K)(I,U,M(J(t,U),l))},Uv=function(U,l){return(U=U.create().shift(),l.C).create().length||l.s.create().length||(l.C=void 0,l.s=void 0),U},De=function(U,l){(l.push(U[0]<<24|U[1]<<16|U[2]<<8|U[3]),l.push(U[4]<<24|U[5]<<16|U[6]<<8|U[7]),l).push(U[8]<<24|U[9]<<16|U[10]<<8|U[11])},PG=function(U,l,t,I,D){for(U.ns=((U.AA=fi,(U.Hv=U[p],U).so=qw,U).yg=w2({get:function(){return this.concat()}},U.i),z)[U.i](U.yg,{value:{value:{}}}),I=0,D=[];128>I;I++)D[I]=String.fromCharCode(I);C(true,U,(f(U,(f(U,[((B(function(W){SV(4,W)},(B(function(W,P,V){g((P=(V=u((P=u(W),W)),J(P,W)),P=bY(P),W),V,P)},(g(U,299,[0,(B(function(W){V0(W,4)},(B(function(W,P,V,m,q){g(W,(V=(V=u((m=(P=u((q=u(W),W)),u(W)),W)),J(V,W)),m=J(m,W),P=J(P,W),q),cG(W,P,m,V))},(B(function(W,P){(W=(P=u(W),J)(P,W.I),W[0]).removeEventListener(W[1],W[2],A)},U,(B(function(W,P,V,m){g(W,(V=J((m=(V=u((P=u(W),W)),u(W)),P=J(P,W),V),W),m),P[V])},U,(B(function(W,P,V,m){g(W,(P=J((m=(P=u(W),u(W)),P),W),V=J(m,W),m),V+P)},(B(function(W,P,V,m){(m=u((V=(P=u(W),u(W)),W)),W).I==W&&(m=J(m,W),V=J(V,W),J(P,W)[V]=m,467==P&&(W.D=void 0,2==V&&(W.R=w(false,W,32),W.D=void 0)))},(g(U,(B(function(W){uY(4,W)},(B(function(W,P,V,m,q){for(m=(V=(q=tk((P=u(W),W)),[]),0);m<q;m++)V.push(E(W));g(W,P,V)},U,((B(function(W,P,V){V=(P=(V=u(W),u(W)),0!=J(V,W)),P=J(P,W),V&&g(W,99,P)},(B(function(W,P,V,m,q,e){y(false,true,W,P)||(m=Ci(W.I),q=m.o,e=q.length,V=m.v,P=m.mN,m=m.IS,q=0==e?new m[V]:1==e?new m[V](q[0]):2==e?new m[V](q[0],q[1]):3==e?new m[V](q[0],q[1],q[2]):4==e?new m[V](q[0],q[1],q[2],q[3]):2(),g(W,P,q))},U,(B((B(function(W,P,V,m){!y(false,true,W,P)&&(P=Ci(W),m=P.IS,V=P.v,W.I==W||V==W.Si&&m==W)&&(g(W,P.mN,V.apply(m,P.o)),W.Z=W.B())},(g(U,253,(B((g(U,20,(g(U,391,(B(function(W,P,V,m){g(W,(m=J((P=(m=(V=u(W),u(W)),u(W)),m),W),V=J(V,W)==m,P),+V)},((B(function(W,P,V){g(W,(V=u(W),P=u(W),P),""+J(V,W))},(B((B(function(W,P,V,m){if(P=W.Fq.pop()){for(m=E(W);0<m;m--)V=u(W),P[V]=W.F[V];W.F=(P[223]=W.F[223],P[91]=W.F[91],P)}else g(W,99,W.H)},(g((B(function(W){V0(W,1)},(g(U,(U.gT=(B(function(){},U,(B(function(W,P,V,m){g(W,(m=(V=(P=u(W),E(W)),u)(W),m),J(P,W)>>>V)},((g(U,(B(function(W,P,V,m,q,e,c,b,d,Z,Q,a){function X(N,G){for(;V<N;)b|=E(W)<<V,V+=8;return V-=N,G=b&(1<<N)-1,b>>=N,G}for(Z=(a=(d=(b=V=(Q=u(W),0),(X(3)|0)+1),X)(5),0),e=[],P=0;P<a;P++)c=X(1),e.push(c),Z+=c?0:1;for(m=(Z=((Z|0)-1).toString(2).length,[]),P=0;P<a;P++)e[P]||(m[P]=X(Z));for(Z=0;Z<a;Z++)e[Z]&&(m[Z]=u(W));for(q=[];d--;)q.push(J(u(W),W));B(function(N,G,O,k,F){for(O=(k=0,G=[],[]);k<a;k++){if(!(F=m[k],e[k])){for(;F>=O.length;)O.push(u(N));F=O[F]}G.push(F)}N.s=eV(N,(N.C=eV(N,q.slice()),G))},W,Q)},U,((g(U,(g(U,(B((g(U,(g(U,(U.Eo=(((U.H=0,U).Fq=[],U.h=((U.G=0,U).I=U,[]),U.O=(U.N=false,U.j=8001,U.D=(U.Y=1,void 0),U.J=25,U.F=[],(U.T=null,U).cv=false,U.l=[],I=(U.s=void 0,(U.lC=0,window).performance||{}),0),U.Si=(U.U=(U.Z=(U.W=0,U.K=false,0),U.L=void 0,U.g=0,U.C=(U.S=void 0,void 0),U.R=void 0,void 0),U.P=[],function(W){this.I=W}),U).V=[],I.timeOrigin||(I.timing||{}).navigationStart||0),99),0),492),0),function(W,P,V,m,q,e,c){for(q=(c=(m=(V=u(W),e=tk(W),""),J(317,W)),c).length,P=0;e--;)P=((P|0)+(tk(W)|0))%q,m+=D[c[P]];g(W,V,m)}),U,11),212),{}),396),U),U.oS=0,B)(function(W,P,V,m){g(W,(V=(m=(V=(P=u(W),u)(W),u(W)),P=J(P,W),J(V,W)),m),P in V|0)},U,446),110)),91),2048),g(U,32,H(4)),B)(function(W,P,V,m,q){(m=J((q=(q=(m=(P=u((V=u(W),W)),u(W)),u)(W),P=J(P,W),J(q,W)),m),W),V=J(V,W.I),0!==V)&&(m=cG(W,m,q,1,V,P),V.addEventListener(P,m,A),g(W,173,[V,P,m]))},U,395),U),70),45)),0),263),[160,0,0]),U),5),U),173,0),U),9),B(function(W,P,V){y(false,true,W,P)||(P=u(W),V=u(W),g(W,V,function(m){return eval(m)}(Ev(J(P,W.I)))))},U,440),function(W,P,V,m,q,e){if(!y(true,true,W,P)){if("object"==(V=J((P=J((P=(V=u((m=(q=u(W),u(W)),W)),u(W)),P),W),m=J(m,W),V),W),W=J(q,W),bY(W))){for(e in q=[],W)q.push(e);W=q}for(q=(V=0<V?V:1,e=0,W.length);e<q;e+=V)m(W.slice(e,(e|0)+(V|0)),P)}}),U,422),U),479),B)(function(W,P){P=J(u(W),W),sv(P,W.I)},U,498),U),351),0)),119)),function(W){SV(3,W)}),U,279),[])),U),83),function(W,P,V,m){g(W,(V=u((m=(P=u(W),u)(W),W)),V),J(P,W)||J(m,W))}),U,41),270)),U),267),U).ZZ=0,0)),U),194),10),n),U),333),U),359),397)),477)),U),98),g(U,223,[]),U),504),0),0]),U),305),U),329),f)(U,[Ze]),L),t]),[iY,l])),true))},g=function(U,l,t){if(99==l||492==l)U.F[l]?U.F[l].concat(t):U.F[l]=eV(U,t);else{if(U.K&&467!=l)return;263==l||32==l||253==l||223==l||299==l?U.F[l]||(U.F[l]=Mw(t,U,102,l)):U.F[l]=Mw(t,U,97,l)}467==l&&(U.R=w(false,U,32),U.D=void 0)},bY=function(U,l,t){if("object"==(t=typeof U,t))if(U){if(U instanceof Array)return"array";if(U instanceof Object)return t;if((l=Object.prototype.toString.call(U),"[object Window]")==l)return"object";if("[object Array]"==l||"number"==typeof U.length&&"undefined"!=typeof U.splice&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("splice"))return"array";if("[object Function]"==l||"undefined"!=typeof U.call&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==t&&"undefined"==typeof U.call)return"object";return t},lY=function(U,l,t,I,D){if(I=U[0],I==r)l.J=25,l.A(U);else if(I==p){D=U[1];try{t=l.S||l.A(U)}catch(W){S(W,l),t=l.S}D(t)}else if(I==d2)l.A(U);else if(I==L)l.A(U);else if(I==iY){try{for(t=0;t<l.P.length;t++)try{D=l.P[t],D[0][D[1]](D[2])}catch(W){}}catch(W){}(0,(l.P=[],U)[1])(function(W,P){l.u(W,true,P)},function(W){((W=!l.h.length,f)(l,[IB]),W)&&C(true,l,false)})}else{if(I==Y)return t=U[2],g(l,101,U[6]),g(l,212,t),l.A(U);I==IB?(l.F=null,l.l=[],l.V=[]):I==Ze&&"loading"===n.document.readyState&&(l.T=function(W,P){function V(){P||(P=true,W())}n.document.addEventListener((P=false,"DOMContentLoaded"),V,A),n.addEventListener("load",V,A)})}},H=function(U,l){for(l=[];U--;)l.push(255*Math.random()|0);return l},aB=function(U,l,t){return U.u(function(I){t=I},false,l),t},v,sv=function(U,l){g(l,99,(l.Fq.push(l.F.slice()),l.F[99]=void 0,U))},T,K=function(U,l,t,I,D,W){if(l.I==l)for(W=J(U,l),32==U?(U=function(P,V,m,q){if((q=W.length,m=(q|0)-4>>3,W.iC)!=m){m=(m<<(V=[(W.iC=m,0),0,D[1],D[2]],3))-4;try{W.Cs=xa(Nw(W,m),V,Nw(W,(m|0)+4))}catch(e){throw e;}}W.push(W.Cs[q&7]^P)},D=J(299,l)):U=function(P){W.push(P)},I&&U(I&255),l=t.length,I=0;I<l;I++)U(t[I])},hk=function(U,l,t,I){function D(){}return{invoke:(I=Jk(U,function(W){D&&(l&&g2(l),t=W,D(),D=void 0)},(t=void 0,!!l))[0],function(W,P,V,m){function q(){t(function(e){g2(function(){W(e)})},V)}if(!P)return P=I(V),W&&W(P),P;t?q():(m=D,D=function(){g2((m(),q))})})}},SV=function(U,l,t,I,D){K(((t=(I=(t=(D=U&4,U&=3,u(l)),u)(l),J(t,l)),D)&&(t=jV(""+t)),U&&K(I,l,M(t.length,2)),I),l,t)},h=function(U,l,t,I,D,W){if(!t.K){if(3<(U=J(91,((l=((W=J(223,((I=void 0,U)&&U[0]===R&&(l=U[1],I=U[2],U=void 0),t)),0==W.length)&&(D=J(492,t)>>3,W.push(l,D>>8&255,D&255),void 0!=I&&W.push(I&255)),""),U)&&(U.message&&(l+=U.message),U.stack&&(l+=":"+U.stack)),t)),U)){(I=(l=(l=l.slice(0,(U|0)-3),U-=(l.length|0)+3,jV(l)),t.I),t).I=t;try{K(32,t,M(l.length,2).concat(l),9)}finally{t.I=I}}g(t,91,U)}},jV=function(U,l,t,I,D){for(D=(U=U.replace(/\\r\\n/g,"\\n"),I=0,[]),t=0;I<U.length;I++)l=U.charCodeAt(I),128>l?D[t++]=l:(2048>l?D[t++]=l>>6|192:(55296==(l&64512)&&I+1<U.length&&56320==(U.charCodeAt(I+1)&64512)?(l=65536+((l&1023)<<10)+(U.charCodeAt(++I)&1023),D[t++]=l>>18|240,D[t++]=l>>12&63|128):D[t++]=l>>12|224,D[t++]=l>>6&63|128),D[t++]=l&63|128);return D},w=function(U,l,t,I,D,W,P,V,m,q,e,c,b,d){if((e=J(99,l),e)>=l.H)throw[R,31];for(D=(I=l.Hv.length,b=0,t),m=e;0<D;)c=m%8,P=m>>3,W=8-(c|0),W=W<D?W:D,d=l.l[P],U&&(q=l,q.D!=m>>6&&(q.D=m>>6,V=J(467,q),q.L=xa(q.R,[0,0,V[1],V[2]],q.D)),d^=l.L[P&I]),m+=W,b|=(d>>8-(c|0)-(W|0)&(1<<W)-1)<<(D|0)-(W|0),D-=W;return g((U=b,l),99,(e|0)+(t|0)),U},uY=function(U,l,t,I){for(I=(t=u(l),0);0<U;U--)I=I<<8|E(l);g(l,t,I)},A={passive:true,capture:true},n=this||self,oB=function(U,l,t,I){try{I=U[((l|0)+2)%3],U[l]=(U[l]|0)-(U[((l|0)+1)%3]|0)-(I|0)^(1==l?I<<t:I>>>t)}catch(D){throw D;}},y=function(U,l,t,I,D,W,P,V,m){if(t.Y+=(W=(D=(P=(l||t.U++,0<t.O&&t.N)&&t.cv&&1>=t.W&&!t.C&&!t.T&&(!l||1<t.j-I)&&0==document.hidden,V=4==t.U)||P?t.B():t.Z,D-t.Z),m=W>>14,t.R&&(t.R^=m*(W<<2)),m),t.I=m||t.I,V||P)t.U=0,t.Z=D;if(!P||D-t.g<t.O-(U?255:l?5:2))return false;return!((g(t,(t.j=I,U=J(l?492:99,t),99),t.H),t.h.push([d2,U,l?I+1:I]),t).T=g2,0)},Nw=function(U,l){return U[l]<<24|U[(l|0)+1]<<16|U[(l|0)+2]<<8|U[(l|0)+3]},Mw=function(U,l,t,I,D,W,P,V){return(U=[-32,-66,-39,(P=t&(W=RB,7),-36),-61,36,U,-76,70,41],V=z[l.i](l.yg),V)[l.i]=function(m){P+=(D=m,6+7*t),P&=7},V.concat=function(m){return m=(m=(m=I%16+1,1*I*I*m+(W()|0)*m+U[P+27&7]*I*m+P-m*D-48*I*I*D- -3168*I*D+48*D*D-3552*D),U[m]),D=void 0,U[(P+37&7)+(t&2)]=m,U[P+(t&2)]=-66,m},V},J=function(U,l){if((l=l.F[U],void 0)===l)throw[R,30,U];if(l.value)return l.create();return(l.create(1*U*U+-66*U+74),l).prototype},y0=function(U,l){return[(l(function(t){t(U)}),function(){return U})]},w2=function(U,l){return z[l](z.prototype,{pop:U,length:U,propertyIsEnumerable:U,floor:U,replace:U,splice:U,call:U,document:U,stack:U,parent:U,console:U,prototype:U})},xa=function(U,l,t,I,D){for(l=l[2]|(I=l[D=0,3]|0,0);14>D;D++)t=t>>>8|t<<24,t+=U|0,U=U<<3|U>>>29,t^=l+3261,I=I>>>8|I<<24,U^=t,I+=l|0,l=l<<3|l>>>29,I^=D+3261,l^=I;return[U>>>24&255,U>>>16&255,U>>>8&255,U>>>0&255,t>>>24&255,t>>>16&255,t>>>8&255,t>>>0&255]},cG=function(U,l,t,I,D,W){function P(){if(U.I==U){if(U.F){var V=[Y,l,t,void 0,D,W,arguments];if(2==I)var m=C((f(U,V),false),U,false);else if(1==I){var q=!U.h.length;(f(U,V),q)&&C(false,U,false)}else m=lY(V,U);return m}D&&W&&D.removeEventListener(W,P,A)}}return P},B=function(U,l,t){U[g(l,t,U),Ze]=2796},g2=n.requestIdleCallback?function(U){requestIdleCallback(function(){U()},{timeout:4})}:n.setImmediate?function(U){setImmediate(U)}:function(U){setTimeout(U,0)},Q0=function(U,l){if((U=n.trustedTypes,l=null,!U)||!U.createPolicy)return l;try{l=U.createPolicy("bg",{createHTML:Ki,createScript:Ki,createScriptURL:Ki})}catch(t){n.console&&n.console.error(t.message)}return l},Jk=function(U,l,t,I){return(I=v[U.substring(0,3)+"_"])?I(U.substring(3),l,t):y0(U,l)},eV=function(U,l,t){return((t=z[U.i](U.ns),t)[U.i]=function(){return l},t).concat=function(I){l=I},t},$a=function(U,l,t){if(3==U.length){for(t=0;3>t;t++)l[t]+=U[t];for(t=[13,(U=0,8),13,12,16,5,3,10,15];9>U;U++)l[3](l,U%3,t[U])}},Ci=function(U,l,t,I,D,W){for(I=(l=u((D=(t=(W=U[Xi]||{},u)(U),W.mN=u(U),W.o=[],U).I==U?(E(U)|0)-1:1,U)),0);I<D;I++)W.o.push(u(U));for(W.IS=J(l,U);D--;)W.o[D]=J(W.o[D],U);return W.v=J(t,U),W},S=function(U,l){l.S=((l.S?l.S+"~":"E:")+U.message+":"+U.stack).slice(0,2048)},Gm=function(U,l,t,I){return J(212,(g(U,99,(((I=J(99,U),U.l&&I<U.H)?(g(U,99,U.H),sv(t,U)):g(U,99,t),mr)(l,U),I)),U))},Ki=function(U){return U},Xi=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),d2=[],Ze=[],iY=[],p=(x.prototype.Wv=void 0,x.prototype.hA=(x.prototype.xQ=void 0,false),[]),Y=(x.prototype.X="toString",[]),IB=[],R={},r=[],L=[],z=(((De,function(){})(H),function(){})(oB),$a,R.constructor),RB=(T=x.prototype,T.ps=function(U,l,t,I,D,W){for(t=(D=I=0,[]);D<U.length;D++)for(I+=l,W=W<<l|U[D];7<I;)I-=8,t.push(W>>I&255);return t},void 0);T.rT=(T.DZ=((T.u=function(U,l,t,I,D){if((t="array"===bY(t)?t:[t],this).S)U(this.S);else try{I=[],D=!this.h.length,f(this,[r,I,t]),f(this,[p,U,I]),l&&!D||C(l,this,true)}catch(W){S(W,this),U(this.S)}},T).B=(window.performance||{}).now?function(){return this.Eo+window.performance.now()}:function(){return+new Date},T.Tb=function(U,l,t,I,D){for(I=D=0;I<U.length;I++)D+=U.charCodeAt(I),D+=D<<10,D^=D>>6;return(D=(U=(D+=D<<3,D^=D>>11,D+(D<<15)>>>0),new Number(U&(1<<l)-1)),D)[0]=(U>>>l)%t,D},T.RS=(x.prototype.i="create",function(){return Math.floor(this.B())}),function(){return Math.floor(this.G+(this.B()-this.g))}),function(U,l,t){return((l^=l<<13,l^=l>>17,l=(l^l<<5)&t)||(l=1),U)^l}),x.prototype.A=function(U,l){return U=(RB=function(){return l==U?74:111},l={},{}),function(t,I,D,W,P,V,m,q,e,c,b,d,Z,Q,a){Z=l,l=U;try{if(W=t[0],W==L){P=t[1];try{for(b=(D=[],c=atob(P),q=0);q<c.length;q++)d=c.charCodeAt(q),255<d&&(D[b++]=d&255,d>>=8),D[b++]=d;g(this,467,[0,0,(this.l=D,this.H=this.l.length<<3,0)])}catch(X){h(X,17,this);return}mr(8001,this)}else if(W==r)t[1].push(J(253,this).length,J(263,this).length,J(91,this),J(32,this).length),g(this,212,t[2]),this.F[175]&&Gm(this,8001,J(175,this));else{if(W==p){this.I=(I=(Q=M(((q=t[2],J(263,this)).length|0)+2,2),this).I,this);try{e=J(223,this),0<e.length&&K(263,this,M(e.length,2).concat(e),10),K(263,this,M(this.Y,1),109),K(263,this,M(this[p].length,1)),c=0,c-=(J(263,this).length|0)+5,c+=J(391,this)&2047,V=J(32,this),4<V.length&&(c-=(V.length|0)+3),0<c&&K(263,this,M(c,2).concat(H(c)),15),4<V.length&&K(263,this,M(V.length,2).concat(V),156)}finally{this.I=I}if((b=H(2).concat(J(263,this)),b[1]=b[0]^6,b[3]=b[1]^Q[0],b)[4]=b[1]^Q[1],a=this.bC(b))a="!"+a;else for(c=0,a="";c<b.length;c++)m=b[c][this.X](16),1==m.length&&(m="0"+m),a+=m;return J(32,(g(this,91,((J(253,(D=a,this)).length=q.shift(),J(263,this)).length=q.shift(),q.shift())),this)).length=q.shift(),D}if(W==d2)Gm(this,t[2],t[1]);else if(W==Y)return Gm(this,8001,t[1])}}finally{l=Z}}}();var qw,fi=/./,pi=L.pop.bind(x.prototype[x.prototype[iY]=[0,0,1,1,0,1,1],((x.prototype.bC=function(U,l,t,I){if(l=window.btoa){for(I=(t="",0);I<U.length;I+=8192)t+=String.fromCharCode.apply(null,U.slice(I,I+8192));U=l(t).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else U=void 0;return U},x.prototype).NT=0,x).prototype.Bv=0,r]),Ev=(qw=w2({get:pi},(fi[x.prototype.X]=pi,x.prototype.i)),x.prototype.kQ=void 0,function(U,l){return(l=Q0())&&1===U.eval(l.createScript("1"))?function(t){return l.createScript(t)}:function(t){return""+t}}(n));(40<(v=n.botguard||(n.botguard={}),v.m)||(v.m=41,v.bg=hk,v.a=Jk),v).VBW_=function(U,l,t){return[(t=new x(l,U),function(I){return aB(t,I)})]};}).call(this);'));
}).call(this);
                                    

#2 JavaScript::Eval (size: 22283, repeated: 1) - SHA256: ce4900365263b173e90047c4aad8f8edb7d2e3c374018f03e832e5dedb1e189c

                                        (function() {
    var f = function(U, l) {
            U.h.splice(0, 0, l)
        },
        E = function(U) {
            return U.C ? Uv(U.s, U) : w(true, U, 8)
        },
        u = function(U, l) {
            if (U.C) return Uv(U.s, U);
            return (l = w(true, U, 8), l) & 128 && (l ^= 128, U = w(true, U, 2), l = (l << 2) + (U | 0)), l
        },
        WG = function(U, l, t, I) {
            for (; l.h.length;) {
                t = (l.T = null, l.h.pop());
                try {
                    I = lY(t, l)
                } catch (D) {
                    S(D, l)
                }
                if (U && l.T) {
                    (U = l.T, U)(function() {
                        C(true, l, true)
                    });
                    break
                }
            }
            return I
        },
        tk = function(U, l) {
            return (l = E(U), l) & 128 && (l = l & 127 | E(U) << 7), l
        },
        C = function(U, l, t, I, D, W) {
            if (l.h.length) {
                l.N && 0(), l.N = true, l.cv = U;
                try {
                    I = l.B(), l.Z = I, l.U = 0, l.g = I, W = WG(U, l), D = l.B() - l.g, l.G += D, D < (t ? 0 : 10) || 0 >= l.J-- || (D = Math.floor(D), l.V.push(254 >= D ? D : 254))
                } finally {
                    l.N = false
                }
                return W
            }
        },
        M = function(U, l, t, I) {
            for (I = (l | 0) - 1, t = []; 0 <= I; I--) t[(l | 0) - 1 - (I | 0)] = U >> 8 * I & 255;
            return t
        },
        x = function(U, l, t) {
            t = this;
            try {
                PG(this, U, l)
            } catch (I) {
                S(I, this), U(function(D) {
                    D(t.S)
                })
            }
        },
        mr = function(U, l, t, I, D, W) {
            if (!l.S) {
                l.W++;
                try {
                    for (W = (I = void 0, l.H), D = 0; --U;) try {
                        if ((t = void 0, l).C) I = Uv(l.C, l);
                        else {
                            if ((D = J(99, l), D) >= W) break;
                            I = (g(l, 492, D), t = u(l), J)(t, l)
                        }
                        y(false, false, l, (I && I[IB] & 2048 ? I(l, U) : h([R, 21, t], 0, l), U))
                    } catch (P) {
                        J(20, l) ? h(P, 22, l) : g(l, 20, P)
                    }
                    if (!U) {
                        if (l.hA) {
                            mr(553527590301, (l.W--, l));
                            return
                        }
                        h([R, 33], 0, l)
                    }
                } catch (P) {
                    try {
                        h(P, 22, l)
                    } catch (V) {
                        S(V, l)
                    }
                }
                l.W--
            }
        },
        V0 = function(U, l, t, I) {
            (I = (t = u(U), u)(U), K)(I, U, M(J(t, U), l))
        },
        Uv = function(U, l) {
            return (U = U.create().shift(), l.C).create().length || l.s.create().length || (l.C = void 0, l.s = void 0), U
        },
        De = function(U, l) {
            (l.push(U[0] << 24 | U[1] << 16 | U[2] << 8 | U[3]), l.push(U[4] << 24 | U[5] << 16 | U[6] << 8 | U[7]), l).push(U[8] << 24 | U[9] << 16 | U[10] << 8 | U[11])
        },
        PG = function(U, l, t, I, D) {
            for (U.ns = ((U.AA = fi, (U.Hv = U[p], U).so = qw, U).yg = w2({get: function() {
                        return this.concat()
                    }
                }, U.i), z)[U.i](U.yg, {
                    value: {
                        value: {}
                    }
                }), I = 0, D = []; 128 > I; I++) D[I] = String.fromCharCode(I);
            C(true, U, (f(U, (f(U, [((B(function(W) {
                SV(4, W)
            }, (B(function(W, P, V) {
                g((P = (V = u((P = u(W), W)), J(P, W)), P = bY(P), W), V, P)
            }, (g(U, 299, [0, (B(function(W) {
                V0(W, 4)
            }, (B(function(W, P, V, m, q) {
                g(W, (V = (V = u((m = (P = u((q = u(W), W)), u(W)), W)), J(V, W)), m = J(m, W), P = J(P, W), q), cG(W, P, m, V))
            }, (B(function(W, P) {
                (W = (P = u(W), J)(P, W.I), W[0]).removeEventListener(W[1], W[2], A)
            }, U, (B(function(W, P, V, m) {
                g(W, (V = J((m = (V = u((P = u(W), W)), u(W)), P = J(P, W), V), W), m), P[V])
            }, U, (B(function(W, P, V, m) {
                g(W, (P = J((m = (P = u(W), u(W)), P), W), V = J(m, W), m), V + P)
            }, (B(function(W, P, V, m) {
                (m = u((V = (P = u(W), u(W)), W)), W).I == W && (m = J(m, W), V = J(V, W), J(P, W)[V] = m, 467 == P && (W.D = void 0, 2 == V && (W.R = w(false, W, 32), W.D = void 0)))
            }, (g(U, (B(function(W) {
                uY(4, W)
            }, (B(function(W, P, V, m, q) {
                for (m = (V = (q = tk((P = u(W), W)), []), 0); m < q; m++) V.push(E(W));
                g(W, P, V)
            }, U, ((B(function(W, P, V) {
                V = (P = (V = u(W), u(W)), 0 != J(V, W)), P = J(P, W), V && g(W, 99, P)
            }, (B(function(W, P, V, m, q, e) {
                y(false, true, W, P) || (m = Ci(W.I), q = m.o, e = q.length, V = m.v, P = m.mN, m = m.IS, q = 0 == e ? new m[V] : 1 == e ? new m[V](q[0]) : 2 == e ? new m[V](q[0], q[1]) : 3 == e ? new m[V](q[0], q[1], q[2]) : 4 == e ? new m[V](q[0], q[1], q[2], q[3]) : 2(), g(W, P, q))
            }, U, (B((B(function(W, P, V, m) {
                !y(false, true, W, P) && (P = Ci(W), m = P.IS, V = P.v, W.I == W || V == W.Si && m == W) && (g(W, P.mN, V.apply(m, P.o)), W.Z = W.B())
            }, (g(U, 253, (B((g(U, 20, (g(U, 391, (B(function(W, P, V, m) {
                g(W, (m = J((P = (m = (V = u(W), u(W)), u(W)), m), W), V = J(V, W) == m, P), +V)
            }, ((B(function(W, P, V) {
                g(W, (V = u(W), P = u(W), P), "" + J(V, W))
            }, (B((B(function(W, P, V, m) {
                if (P = W.Fq.pop()) {
                    for (m = E(W); 0 < m; m--) V = u(W), P[V] = W.F[V];
                    W.F = (P[223] = W.F[223], P[91] = W.F[91], P)
                } else g(W, 99, W.H)
            }, (g((B(function(W) {
                V0(W, 1)
            }, (g(U, (U.gT = (B(function() {}, U, (B(function(W, P, V, m) {
                g(W, (m = (V = (P = u(W), E(W)), u)(W), m), J(P, W) >>> V)
            }, ((g(U, (B(function(W, P, V, m, q, e, c, b, d, Z, Q, a) {
                function X(N, G) {
                    for (; V < N;) b |= E(W) << V, V += 8;
                    return V -= N, G = b & (1 << N) - 1, b >>= N, G
                }
                for (Z = (a = (d = (b = V = (Q = u(W), 0), (X(3) | 0) + 1), X)(5), 0), e = [], P = 0; P < a; P++) c = X(1), e.push(c), Z += c ? 0 : 1;
                for (m = (Z = ((Z | 0) - 1).toString(2).length, []), P = 0; P < a; P++) e[P] || (m[P] = X(Z));
                for (Z = 0; Z < a; Z++) e[Z] && (m[Z] = u(W));
                for (q = []; d--;) q.push(J(u(W), W));
                B(function(N, G, O, k, F) {
                    for (O = (k = 0, G = [], []); k < a; k++) {
                        if (!(F = m[k], e[k])) {
                            for (; F >= O.length;) O.push(u(N));
                            F = O[F]
                        }
                        G.push(F)
                    }
                    N.s = eV(N, (N.C = eV(N, q.slice()), G))
                }, W, Q)
            }, U, ((g(U, (g(U, (B((g(U, (g(U, (U.Eo = (((U.H = 0, U).Fq = [], U.h = ((U.G = 0, U).I = U, []), U.O = (U.N = false, U.j = 8001, U.D = (U.Y = 1, void 0), U.J = 25, U.F = [], (U.T = null, U).cv = false, U.l = [], I = (U.s = void 0, (U.lC = 0, window).performance || {}), 0), U.Si = (U.U = (U.Z = (U.W = 0, U.K = false, 0), U.L = void 0, U.g = 0, U.C = (U.S = void 0, void 0), U.R = void 0, void 0), U.P = [], function(W) {
                this.I = W
            }), U).V = [], I.timeOrigin || (I.timing || {}).navigationStart || 0), 99), 0), 492), 0), function(W, P, V, m, q, e, c) {
                for (q = (c = (m = (V = u(W), e = tk(W), ""), J(317, W)), c).length, P = 0; e--;) P = ((P | 0) + (tk(W) | 0)) % q, m += D[c[P]];
                g(W, V, m)
            }), U, 11), 212), {}), 396), U), U.oS = 0, B)(function(W, P, V, m) {
                g(W, (V = (m = (V = (P = u(W), u)(W), u(W)), P = J(P, W), J(V, W)), m), P in V | 0)
            }, U, 446), 110)), 91), 2048), g(U, 32, H(4)), B)(function(W, P, V, m, q) {
                (m = J((q = (q = (m = (P = u((V = u(W), W)), u(W)), u)(W), P = J(P, W), J(q, W)), m), W), V = J(V, W.I), 0 !== V) && (m = cG(W, m, q, 1, V, P), V.addEventListener(P, m, A), g(W, 173, [V, P, m]))
            }, U, 395), U), 70), 45)), 0), 263), [160, 0, 0]), U), 5), U), 173, 0), U), 9), B(function(W, P, V) {
                y(false, true, W, P) || (P = u(W), V = u(W), g(W, V, function(m) {
                    return eval(m)
                }(Ev(J(P, W.I)))))
            }, U, 440), function(W, P, V, m, q, e) {
                if (!y(true, true, W, P)) {
                    if ("object" == (V = J((P = J((P = (V = u((m = (q = u(W), u(W)), W)), u(W)), P), W), m = J(m, W), V), W), W = J(q, W), bY(W))) {
                        for (e in q = [], W) q.push(e);
                        W = q
                    }
                    for (q = (V = 0 < V ? V : 1, e = 0, W.length); e < q; e += V) m(W.slice(e, (e | 0) + (V | 0)), P)
                }
            }), U, 422), U), 479), B)(function(W, P) {
                P = J(u(W), W), sv(P, W.I)
            }, U, 498), U), 351), 0)), 119)), function(W) {
                SV(3, W)
            }), U, 279), [])), U), 83), function(W, P, V, m) {
                g(W, (V = u((m = (P = u(W), u)(W), W)), V), J(P, W) || J(m, W))
            }), U, 41), 270)), U), 267), U).ZZ = 0, 0)), U), 194), 10), n), U), 333), U), 359), 397)), 477)), U), 98), g(U, 223, []), U), 504), 0), 0]), U), 305), U), 329), f)(U, [Ze]), L), t]), [iY, l])), true))
        },
        g = function(U, l, t) {
            if (99 == l || 492 == l) U.F[l] ? U.F[l].concat(t) : U.F[l] = eV(U, t);
            else {
                if (U.K && 467 != l) return;
                263 == l || 32 == l || 253 == l || 223 == l || 299 == l ? U.F[l] || (U.F[l] = Mw(t, U, 102, l)) : U.F[l] = Mw(t, U, 97, l)
            }
            467 == l && (U.R = w(false, U, 32), U.D = void 0)
        },
        bY = function(U, l, t) {
            if ("object" == (t = typeof U, t))
                if (U) {
                    if (U instanceof Array) return "array";
                    if (U instanceof Object) return t;
                    if ((l = Object.prototype.toString.call(U), "[object Window]") == l) return "object";
                    if ("[object Array]" == l || "number" == typeof U.length && "undefined" != typeof U.splice && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == l || "undefined" != typeof U.call && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == t && "undefined" == typeof U.call) return "object";
            return t
        },
        lY = function(U, l, t, I, D) {
            if (I = U[0], I == r) l.J = 25, l.A(U);
            else if (I == p) {
                D = U[1];
                try {
                    t = l.S || l.A(U)
                } catch (W) {
                    S(W, l), t = l.S
                }
                D(t)
            } else if (I == d2) l.A(U);
            else if (I == L) l.A(U);
            else if (I == iY) {
                try {
                    for (t = 0; t < l.P.length; t++) try {
                        D = l.P[t], D[0][D[1]](D[2])
                    } catch (W) {}
                } catch (W) {}(0, (l.P = [], U)[1])(function(W, P) {
                    l.u(W, true, P)
                }, function(W) {
                    ((W = !l.h.length, f)(l, [IB]), W) && C(true, l, false)
                })
            } else {
                if (I == Y) return t = U[2], g(l, 101, U[6]), g(l, 212, t), l.A(U);
                I == IB ? (l.F = null, l.l = [], l.V = []) : I == Ze && "loading" === n.document.readyState && (l.T = function(W, P) {
                    function V() {
                        P || (P = true, W())
                    }
                    n.document.addEventListener((P = false, "DOMContentLoaded"), V, A), n.addEventListener("load", V, A)
                })
            }
        },
        H = function(U, l) {
            for (l = []; U--;) l.push(255 * Math.random() | 0);
            return l
        },
        aB = function(U, l, t) {
            return U.u(function(I) {
                t = I
            }, false, l), t
        },
        v, sv = function(U, l) {
            g(l, 99, (l.Fq.push(l.F.slice()), l.F[99] = void 0, U))
        },
        T, K = function(U, l, t, I, D, W) {
            if (l.I == l)
                for (W = J(U, l), 32 == U ? (U = function(P, V, m, q) {
                        if ((q = W.length, m = (q | 0) - 4 >> 3, W.iC) != m) {
                            m = (m << (V = [(W.iC = m, 0), 0, D[1], D[2]], 3)) - 4;
                            try {
                                W.Cs = xa(Nw(W, m), V, Nw(W, (m | 0) + 4))
                            } catch (e) {
                                throw e;
                            }
                        }
                        W.push(W.Cs[q & 7] ^ P)
                    }, D = J(299, l)) : U = function(P) {
                        W.push(P)
                    }, I && U(I & 255), l = t.length, I = 0; I < l; I++) U(t[I])
        },
        hk = function(U, l, t, I) {
            function D() {}
            return {
                invoke: (I = Jk(U, function(W) {
                    D && (l && g2(l), t = W, D(), D = void 0)
                }, (t = void 0, !!l))[0], function(W, P, V, m) {
                    function q() {
                        t(function(e) {
                            g2(function() {
                                W(e)
                            })
                        }, V)
                    }
                    if (!P) return P = I(V), W && W(P), P;
                    t ? q() : (m = D, D = function() {
                        g2((m(), q))
                    })
                })
            }
        },
        SV = function(U, l, t, I, D) {
            K(((t = (I = (t = (D = U & 4, U &= 3, u(l)), u)(l), J(t, l)), D) && (t = jV("" + t)), U && K(I, l, M(t.length, 2)), I), l, t)
        },
        h = function(U, l, t, I, D, W) {
            if (!t.K) {
                if (3 < (U = J(91, ((l = ((W = J(223, ((I = void 0, U) && U[0] === R && (l = U[1], I = U[2], U = void 0), t)), 0 == W.length) && (D = J(492, t) >> 3, W.push(l, D >> 8 & 255, D & 255), void 0 != I && W.push(I & 255)), ""), U) && (U.message && (l += U.message), U.stack && (l += ":" + U.stack)), t)), U)) {
                    (I = (l = (l = l.slice(0, (U | 0) - 3), U -= (l.length | 0) + 3, jV(l)), t.I), t).I = t;
                    try {
                        K(32, t, M(l.length, 2).concat(l), 9)
                    } finally {
                        t.I = I
                    }
                }
                g(t, 91, U)
            }
        },
        jV = function(U, l, t, I, D) {
            for (D = (U = U.replace(/\r\n/g, "\n"), I = 0, []), t = 0; I < U.length; I++) l = U.charCodeAt(I), 128 > l ? D[t++] = l : (2048 > l ? D[t++] = l >> 6 | 192 : (55296 == (l & 64512) && I + 1 < U.length && 56320 == (U.charCodeAt(I + 1) & 64512) ? (l = 65536 + ((l & 1023) << 10) + (U.charCodeAt(++I) & 1023), D[t++] = l >> 18 | 240, D[t++] = l >> 12 & 63 | 128) : D[t++] = l >> 12 | 224, D[t++] = l >> 6 & 63 | 128), D[t++] = l & 63 | 128);
            return D
        },
        w = function(U, l, t, I, D, W, P, V, m, q, e, c, b, d) {
            if ((e = J(99, l), e) >= l.H) throw [R, 31];
            for (D = (I = l.Hv.length, b = 0, t), m = e; 0 < D;) c = m % 8, P = m >> 3, W = 8 - (c | 0), W = W < D ? W : D, d = l.l[P], U && (q = l, q.D != m >> 6 && (q.D = m >> 6, V = J(467, q), q.L = xa(q.R, [0, 0, V[1], V[2]], q.D)), d ^= l.L[P & I]), m += W, b |= (d >> 8 - (c | 0) - (W | 0) & (1 << W) - 1) << (D | 0) - (W | 0), D -= W;
            return g((U = b, l), 99, (e | 0) + (t | 0)), U
        },
        uY = function(U, l, t, I) {
            for (I = (t = u(l), 0); 0 < U; U--) I = I << 8 | E(l);
            g(l, t, I)
        },
        A = {
            passive: true,
            capture: true
        },
        n = this || self,
        oB = function(U, l, t, I) {
            try {
                I = U[((l | 0) + 2) % 3], U[l] = (U[l] | 0) - (U[((l | 0) + 1) % 3] | 0) - (I | 0) ^ (1 == l ? I << t : I >>> t)
            } catch (D) {
                throw D;
            }
        },
        y = function(U, l, t, I, D, W, P, V, m) {
            if (t.Y += (W = (D = (P = (l || t.U++, 0 < t.O && t.N) && t.cv && 1 >= t.W && !t.C && !t.T && (!l || 1 < t.j - I) && 0 == document.hidden, V = 4 == t.U) || P ? t.B() : t.Z, D - t.Z), m = W >> 14, t.R && (t.R ^= m * (W << 2)), m), t.I = m || t.I, V || P) t.U = 0, t.Z = D;
            if (!P || D - t.g < t.O - (U ? 255 : l ? 5 : 2)) return false;
            return !((g(t, (t.j = I, U = J(l ? 492 : 99, t), 99), t.H), t.h.push([d2, U, l ? I + 1 : I]), t).T = g2, 0)
        },
        Nw = function(U, l) {
            return U[l] << 24 | U[(l | 0) + 1] << 16 | U[(l | 0) + 2] << 8 | U[(l | 0) + 3]
        },
        Mw = function(U, l, t, I, D, W, P, V) {
            return (U = [-32, -66, -39, (P = t & (W = RB, 7), -36), -61, 36, U, -76, 70, 41], V = z[l.i](l.yg), V)[l.i] = function(m) {
                P += (D = m, 6 + 7 * t), P &= 7
            }, V.concat = function(m) {
                return m = (m = (m = I % 16 + 1, 1 * I * I * m + (W() | 0) * m + U[P + 27 & 7] * I * m + P - m * D - 48 * I * I * D - -3168 * I * D + 48 * D * D - 3552 * D), U[m]), D = void 0, U[(P + 37 & 7) + (t & 2)] = m, U[P + (t & 2)] = -66, m
            }, V
        },
        J = function(U, l) {
            if ((l = l.F[U], void 0) === l) throw [R, 30, U];
            if (l.value) return l.create();
            return (l.create(1 * U * U + -66 * U + 74), l).prototype
        },
        y0 = function(U, l) {
            return [(l(function(t) {
                t(U)
            }), function() {
                return U
            })]
        },
        w2 = function(U, l) {
            return z[l](z.prototype, {
                pop: U,
                length: U,
                propertyIsEnumerable: U,
                floor: U,
                replace: U,
                splice: U,
                call: U,
                document: U,
                stack: U,
                parent: U,
                console: U,
                prototype: U
            })
        },
        xa = function(U, l, t, I, D) {
            for (l = l[2] | (I = l[D = 0, 3] | 0, 0); 14 > D; D++) t = t >>> 8 | t << 24, t += U | 0, U = U << 3 | U >>> 29, t ^= l + 3261, I = I >>> 8 | I << 24, U ^= t, I += l | 0, l = l << 3 | l >>> 29, I ^= D + 3261, l ^= I;
            return [U >>> 24 & 255, U >>> 16 & 255, U >>> 8 & 255, U >>> 0 & 255, t >>> 24 & 255, t >>> 16 & 255, t >>> 8 & 255, t >>> 0 & 255]
        },
        cG = function(U, l, t, I, D, W) {
            function P() {
                if (U.I == U) {
                    if (U.F) {
                        var V = [Y, l, t, void 0, D, W, arguments];
                        if (2 == I) var m = C((f(U, V), false), U, false);
                        else if (1 == I) {
                            var q = !U.h.length;
                            (f(U, V), q) && C(false, U, false)
                        } else m = lY(V, U);
                        return m
                    }
                    D && W && D.removeEventListener(W, P, A)
                }
            }
            return P
        },
        B = function(U, l, t) {
            U[g(l, t, U), Ze] = 2796
        },
        g2 = n.requestIdleCallback ? function(U) {
            requestIdleCallback(function() {
                U()
            }, {
                timeout: 4
            })
        } : n.setImmediate ? function(U) {
            setImmediate(U)
        } : function(U) {
            setTimeout(U, 0)
        },
        Q0 = function(U, l) {
            if ((U = n.trustedTypes, l = null, !U) || !U.createPolicy) return l;
            try {
                l = U.createPolicy("bg", {
                    createHTML: Ki,
                    createScript: Ki,
                    createScriptURL: Ki
                })
            } catch (t) {
                n.console && n.console.error(t.message)
            }
            return l
        },
        Jk = function(U, l, t, I) {
            return (I = v[U.substring(0, 3) + "_"]) ? I(U.substring(3), l, t) : y0(U, l)
        },
        eV = function(U, l, t) {
            return ((t = z[U.i](U.ns), t)[U.i] = function() {
                return l
            }, t).concat = function(I) {
                l = I
            }, t
        },
        $a = function(U, l, t) {
            if (3 == U.length) {
                for (t = 0; 3 > t; t++) l[t] += U[t];
                for (t = [13, (U = 0, 8), 13, 12, 16, 5, 3, 10, 15]; 9 > U; U++) l[3](l, U % 3, t[U])
            }
        },
        Ci = function(U, l, t, I, D, W) {
            for (I = (l = u((D = (t = (W = U[Xi] || {}, u)(U), W.mN = u(U), W.o = [], U).I == U ? (E(U) | 0) - 1 : 1, U)), 0); I < D; I++) W.o.push(u(U));
            for (W.IS = J(l, U); D--;) W.o[D] = J(W.o[D], U);
            return W.v = J(t, U), W
        },
        S = function(U, l) {
            l.S = ((l.S ? l.S + "~" : "E:") + U.message + ":" + U.stack).slice(0, 2048)
        },
        Gm = function(U, l, t, I) {
            return J(212, (g(U, 99, (((I = J(99, U), U.l && I < U.H) ? (g(U, 99, U.H), sv(t, U)) : g(U, 99, t), mr)(l, U), I)), U))
        },
        Ki = function(U) {
            return U
        },
        Xi = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        d2 = [],
        Ze = [],
        iY = [],
        p = (x.prototype.Wv = void 0, x.prototype.hA = (x.prototype.xQ = void 0, false), []),
        Y = (x.prototype.X = "toString", []),
        IB = [],
        R = {},
        r = [],
        L = [],
        z = (((De, function() {})(H), function() {})(oB), $a, R.constructor),
        RB = (T = x.prototype, T.ps = function(U, l, t, I, D, W) {
            for (t = (D = I = 0, []); D < U.length; D++)
                for (I += l, W = W << l | U[D]; 7 < I;) I -= 8, t.push(W >> I & 255);
            return t
        }, void 0);
    T.rT = (T.DZ = ((T.u = function(U, l, t, I, D) {
        if ((t = "array" === bY(t) ? t : [t], this).S) U(this.S);
        else try {
            I = [], D = !this.h.length, f(this, [r, I, t]), f(this, [p, U, I]), l && !D || C(l, this, true)
        } catch (W) {
            S(W, this), U(this.S)
        }
    }, T).B = (window.performance || {}).now ? function() {
        return this.Eo + window.performance.now()
    } : function() {
        return +new Date
    }, T.Tb = function(U, l, t, I, D) {
        for (I = D = 0; I < U.length; I++) D += U.charCodeAt(I), D += D << 10, D ^= D >> 6;
        return (D = (U = (D += D << 3, D ^= D >> 11, D + (D << 15) >>> 0), new Number(U & (1 << l) - 1)), D)[0] = (U >>> l) % t, D
    }, T.RS = (x.prototype.i = "create", function() {
        return Math.floor(this.B())
    }), function() {
        return Math.floor(this.G + (this.B() - this.g))
    }), function(U, l, t) {
        return ((l ^= l << 13, l ^= l >> 17, l = (l ^ l << 5) & t) || (l = 1), U) ^ l
    }), x.prototype.A = function(U, l) {
        return U = (RB = function() {
                return l == U ? 74 : 111
            }, l = {}, {}),
            function(t, I, D, W, P, V, m, q, e, c, b, d, Z, Q, a) {
                Z = l, l = U;
                try {
                    if (W = t[0], W == L) {
                        P = t[1];
                        try {
                            for (b = (D = [], c = atob(P), q = 0); q < c.length; q++) d = c.charCodeAt(q), 255 < d && (D[b++] = d & 255, d >>= 8), D[b++] = d;
                            g(this, 467, [0, 0, (this.l = D, this.H = this.l.length << 3, 0)])
                        } catch (X) {
                            h(X, 17, this);
                            return
                        }
                        mr(8001, this)
                    } else if (W == r) t[1].push(J(253, this).length, J(263, this).length, J(91, this), J(32, this).length), g(this, 212, t[2]), this.F[175] && Gm(this, 8001, J(175, this));
                    else {
                        if (W == p) {
                            this.I = (I = (Q = M(((q = t[2], J(263, this)).length | 0) + 2, 2), this).I, this);
                            try {
                                e = J(223, this), 0 < e.length && K(263, this, M(e.length, 2).concat(e), 10), K(263, this, M(this.Y, 1), 109), K(263, this, M(this[p].length, 1)), c = 0, c -= (J(263, this).length | 0) + 5, c += J(391, this) & 2047, V = J(32, this), 4 < V.length && (c -= (V.length | 0) + 3), 0 < c && K(263, this, M(c, 2).concat(H(c)), 15), 4 < V.length && K(263, this, M(V.length, 2).concat(V), 156)
                            } finally {
                                this.I = I
                            }
                            if ((b = H(2).concat(J(263, this)), b[1] = b[0] ^ 6, b[3] = b[1] ^ Q[0], b)[4] = b[1] ^ Q[1], a = this.bC(b)) a = "!" + a;
                            else
                                for (c = 0, a = ""; c < b.length; c++) m = b[c][this.X](16), 1 == m.length && (m = "0" + m), a += m;
                            return J(32, (g(this, 91, ((J(253, (D = a, this)).length = q.shift(), J(263, this)).length = q.shift(), q.shift())), this)).length = q.shift(), D
                        }
                        if (W == d2) Gm(this, t[2], t[1]);
                        else if (W == Y) return Gm(this, 8001, t[1])
                    }
                } finally {
                    l = Z
                }
            }
    }();
    var qw, fi = /./,
        pi = L.pop.bind(x.prototype[x.prototype[iY] = [0, 0, 1, 1, 0, 1, 1], ((x.prototype.bC = function(U, l, t, I) {
            if (l = window.btoa) {
                for (I = (t = "", 0); I < U.length; I += 8192) t += String.fromCharCode.apply(null, U.slice(I, I + 8192));
                U = l(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else U = void 0;
            return U
        }, x.prototype).NT = 0, x).prototype.Bv = 0, r]),
        Ev = (qw = w2({get: pi
        }, (fi[x.prototype.X] = pi, x.prototype.i)), x.prototype.kQ = void 0, function(U, l) {
            return (l = Q0()) && 1 === U.eval(l.createScript("1")) ? function(t) {
                return l.createScript(t)
            } : function(t) {
                return "" + t
            }
        }(n));
    (40 < (v = n.botguard || (n.botguard = {}), v.m) || (v.m = 41, v.bg = hk, v.a = Jk), v).VBW_ = function(U, l, t) {
        return [(t = new x(l, U), function(I) {
            return aB(t, I)
        })]
    };
}).call(this);
                                    

#3 JavaScript::Eval (size: 22, repeated: 1) - SHA256: cddf3e74bfb30b711ab78ab593d81b8eeaceb67583ef5cb097cb54dcb14f24ce

                                        0,
function(W) {
    uY(1, W)
}
                                    

#4 JavaScript::Eval (size: 64, repeated: 1) - SHA256: f9b61a95c5995b1614d5988fe5a9aeebaa6ed941137234bd00d42e77f5661756

                                        0,
function(W, P, V) {
    g(W, (V = (P = (V = u(W), u(W)), W.F[V] && J(V, W)), P), V)
}
                                    

#5 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 590040aae3e25b40a2c334846d348c384c60ede4211a4373be806ca2ee55d9f9

                                        0,
function(W) {
    uY(2, W)
}
                                    

Executed Writes (0)



HTTP Transactions (84)


Request Response
                                        
                                            GET /mna/ HTTP/1.1 
Host: www.macaubusiness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.39.107
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 27 Sep 2022 09:07:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 10:07:16 GMT
Location: https://www.macaubusiness.com/mna/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Lng7gFiqmk8D1E%2BF%2FQQjdwzsUZTLSLbUsI4tlKPbpDak5RNYgVDpeYms1aCKWibkDzXCWWwy0drsFJhV%2BPJMsNF5MalR%2Bd8xMWG0dutsVl%2FxkUYY6L2CUpkj7ME6yjGMLbixbSNe84%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7513168d6ae0b511-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 08:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wwflTVsMK38xuidPcYPsRC-1vzKvfjNeWiMm-MVEwhPSNHTfw4WyLg==
Age: 3106


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12123
Expires: Tue, 27 Sep 2022 12:29:19 GMT
Date: Tue, 27 Sep 2022 09:07:16 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
date: Mon, 26 Sep 2022 09:17:07 GMT
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9vMYoF7ME8uzIsPqDIEnDJhCzdJTpEHxwl6qEa5qAyy9zmWMqlq9bg==
age: 85810
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 09:07:17 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 08:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 08:38:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tj5gsz385JDHAcC92v_bxema1lacd36ehjC3sN5FUN1OIEy5KOOtaw==
Age: 3391


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5375
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:07:17 GMT
Last-Modified: Tue, 27 Sep 2022 07:37:42 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max speed, from Unix\012- data
Size:   36506
Md5:    d45641340702b8e832814ea60b6696b8
Sha1:   9e6c8f44c5cd5e6436f64a1e0f410fc507d51ab2
Sha256: c734cbc9e33a065ddd655206cb2880e519f41ef384952e0f8a0601f1291aa9fd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +zI2SRKiFRz4vjvu4oK3mw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.217.237.91
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o0+Dc9IPFr4pUGIiofatQvIjTBI=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-105852722-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 09:07:17 GMT
expires: Tue, 27 Sep 2022 09:07:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   42880
Md5:    53a0767f585b51acbfd365d42e319960
Sha1:   e06c0cf60ec6fcb3daf89ca2f756653974624ba6
Sha256: 70dd22147efbf2eee297b395e15b1857e24812890eaaa3501d24237f39d68f58
                                        
                                            GET /recaptcha/api.js?render=6Lc2O5oUAAAAAKU6zY0OKurU2q-MCFM2Uf1vyAEe&ver=3.0 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 27 Sep 2022 09:07:18 GMT
date: Tue, 27 Sep 2022 09:07:18 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   586
Md5:    f103e88b4edc85557d4db7944cae2621
Sha1:   34947ad0f29701ea6be3e9c531e8fba54ec28671
Sha256: 021576fa7ef7dedb666e3fa4e3e4a545499828934ab08907589006b9df8841f7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   808
Md5:    143f5a499114d6e1fef857592335b223
Sha1:   7559653a5836f602ef1d0bc8928e10e9f56e8d4c
Sha256: 8cdbb6973e34d7e6ae665618405125140911b9a7557653c8b88ce4495cbccb4a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max speed, from Unix\012- data
Size:   23331
Md5:    558606c98313a2d61611754b2731295f
Sha1:   6310654e92f76b71aad1ac9e417786b643dce959
Sha256: 01453f97f72458e3aa632322b500d3d545d5d190e187796e6f7974ea839392b8
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 227153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:48:16 GMT
expires: Thu, 21 Sep 2023 19:48:16 GMT
cache-control: public, max-age=31536000
age: 479942
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Size:   17336
Md5:    eec8dbfc49267c4d33cf31b49661bf37
Sha1:   0f49d4563cf9e22e3af6907d0785b9a6facadbf0
Sha256: 661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
                                        
                                            GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:47:56 GMT
expires: Thu, 21 Sep 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 479962
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size:   17368
Md5:    abe083d96b58eb02ada8b7c30d7b09f2
Sha1:   61447d66d13a8c8f4335696777a85c438c46f749
Sha256: db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   4461
Md5:    6c43d088b08dd72072e8d006b9d23347
Sha1:   4e35b067729c52bd9d6e43ff4d788971ad5830b0
Sha256: e9274580e4dd8800cfb2f60a8b45250d5bb03eb2da5f8eba7033e4e6dd05cf2f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:14:12 GMT
expires: Mon, 25 Sep 2023 18:14:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 139986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 480790
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 480790
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:59:14 GMT
expires: Tue, 26 Sep 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 50884
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size:   47952
Md5:    17b406b7b8caa297435fa358e194f5a1
Sha1:   e2132f0e97781af56fa966c0fabb49132f2af203
Sha256: 84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4641
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:07:18 GMT
Last-Modified: Tue, 27 Sep 2022 07:49:57 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2775
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:07:18 GMT
Last-Modified: Tue, 27 Sep 2022 08:21:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2739
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:07:18 GMT
Last-Modified: Tue, 27 Sep 2022 08:21:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4641
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:07:18 GMT
Last-Modified: Tue, 27 Sep 2022 07:49:57 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 650
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:07:18 GMT
Last-Modified: Tue, 27 Sep 2022 08:56:28 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /macaubusiness/wp-content/uploads/2022/09/Screenshot-2022-09-27-at-9.28.04-AM-270x152.png HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 54637
accept-ranges: bytes
last-modified: Tue, 27 Sep 2022 08:28:20 GMT
x-rgw-object-type: Normal
etag: "1b8df9d2e19116513ff933cda1703b96"
cache-control: max-age=31536000
expires: Wed, 27 Sep 2023 08:28:19 GMT
x-amz-request-id: tx000000000000051a569aa-006332bd46-1cd0b581-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 270 x 152, 8-bit/color RGBA, non-interlaced\012- data
Size:   54637
Md5:    1b8df9d2e19116513ff933cda1703b96
Sha1:   304e5932952974f7c4821082a173ab279cdea277
Sha256: 12828494ef645661ac96a2c227978ac01d9dede8d98533dc4b734536356187b1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2022/08/Alleg-266x150.jpg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 21790
accept-ranges: bytes
last-modified: Thu, 18 Aug 2022 09:02:22 GMT
x-rgw-object-type: Normal
etag: "c7e8f0368527fd44fbd0d472b5b42485"
cache-control: max-age=31536000
expires: Fri, 18 Aug 2023 09:02:22 GMT
x-amz-request-id: tx000000000000051a771bf-006332bd46-1cd07f07-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 266x150, components 3\012- data
Size:   21790
Md5:    c7e8f0368527fd44fbd0d472b5b42485
Sha1:   037b0e072a940629ba1bf30e4ac000d4969f2abf
Sha256: a9b962422b162c217031eee2eaf709f3b28887f3799c61ce80b6df230b73a2dc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18146
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 09:07:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18146
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 09:07:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18146
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 09:07:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, max speed, from Unix\012- data
Size:   15297
Md5:    4ba987bfb7125fe7c127e39be4eb617e
Sha1:   35bf3a8da2c3c6278edc6d6701f1ffa22b8ea581
Sha256: a23e2a1aa4a8502fcc87037d911a7b19a0ac37fc69324d74ecf176a7cd90fcd2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18146
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 09:07:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18146
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 09:07:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   25907
Md5:    ca05a2a21d74dafd3f869fbeab92e7d6
Sha1:   f8c062844e7d361da014c08f91cc44f3df22472d
Sha256: 79dd3c13d65d0b5eb1a98ce09dd96ead7f53fb6eda63446ce206d32aaf3d25b5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 70728
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8255
Md5:    fa70ece15044b7318cb11ae5e37a64e7
Sha1:   04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
Sha256: 8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11881
x-amzn-requestid: 4562e550-9c0f-407b-be2a-3c5d8901d444
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2apSEPuIAMF5TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0b08-5c5f052f146d25a7190412d1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:13:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EAiLlHN2h6EPX0idrlQG4TIyGBMt_In0_Tpy79foal99j4xoRasO-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:49 GMT
age: 38610
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11881
Md5:    91d97447a6a35813e57d942f685544c4
Sha1:   3b660de9902fbfcf2efb477f40480b08545ebc5f
Sha256: 08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 40681
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 63480
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4573
Md5:    efaaa002eb6251769ea6dbf306ced3a1
Sha1:   9f99fa947a603fd6b10ff149e379cd04ad83d27a
Sha256: 238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KT47E-2_0O70MgMbGzSjvVaFrWwQybXKo_dkWMw2vnqBElOZtT_Big==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
age: 28884
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7701
Md5:    9ff2dbdbf6d450f0d9774777b3c5aa6e
Sha1:   2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
Sha256: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 41072
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /2019/12/mna-logo-black%402x.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 5670
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:54:14 GMT
x-rgw-object-type: Normal
etag: "7a986ee938f3fee9ecc4291ec888881b"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:54:14 GMT
x-amz-request-id: tx000000000000051a56a0b-006332bd46-1cd0b581-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 255 x 115, 8-bit/color RGBA, non-interlaced\012- data
Size:   5670
Md5:    7a986ee938f3fee9ecc4291ec888881b
Sha1:   832ecbec360dc0a1a09d091852b080c120f45d6c
Sha256: b9d8fc904134726e27f8f1e0591bec31b20a34414d6dd988fdc8812272b2824b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2020/11/Panoramic-panor%C3%A2mica-macau-patane-view-landscape-266x150.jpg HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 12164
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 14:55:35 GMT
x-rgw-object-type: Normal
etag: "2b332ce85e1e84f94b202133cebc7d44"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 14:55:34 GMT
x-amz-request-id: tx000000000000051a56a09-006332bd46-1cd0b581-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 266x150, components 3\012- data
Size:   12164
Md5:    2b332ce85e1e84f94b202133cebc7d44
Sha1:   0258703b60ab24520259d745f0d7f6f6832e05b2
Sha256: 07af12b864f10d67aa750db8e85bd8be91690c6f51fa3b4a021a3f5a3072781a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/Wynn_Macau_logo2.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 67219
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:54:07 GMT
x-rgw-object-type: Normal
etag: "b4c8f9aa2e137fd2414f5f150bf72cd5"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:54:06 GMT
x-amz-request-id: tx000000000000051a771e5-006332bd46-1cd07f07-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 436 x 436, 8-bit/color RGBA, non-interlaced\012- data
Size:   67219
Md5:    b4c8f9aa2e137fd2414f5f150bf72cd5
Sha1:   60d96f4c8233d9782ba1a3fa116309fff9eae66f
Sha256: 825dfac3563427d1a571678dabc0ac1934726ac3e458c62a95c0c2c3b7f37b6e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2022/06/CE06521F-95AF-48E6-B9D3-8F297612A3F2-266x150.jpeg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 40852
accept-ranges: bytes
last-modified: Thu, 16 Jun 2022 16:00:29 GMT
x-rgw-object-type: Normal
etag: "163d1619e5ca8f3e7017023b22b7b7ba"
cache-control: max-age=31536000
expires: Fri, 16 Jun 2023 16:00:29 GMT
x-amz-request-id: tx000000000000051abbd89-006332bd46-1ccfd03d-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 266x150, components 3\012- data
Size:   40852
Md5:    163d1619e5ca8f3e7017023b22b7b7ba
Sha1:   5121efafa1b4395c9cd8df5ec54d5d0a84e24645
Sha256: ac768dd28855541107d033b3c01100df17d85b34f65b5599768c7f0eecd89a3f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2022/08/Tourism-Macau-August-3-copy-270x152.jpg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 31077
accept-ranges: bytes
last-modified: Sun, 28 Aug 2022 04:14:20 GMT
x-rgw-object-type: Normal
etag: "2b637683c4139d0090587203f857c323"
cache-control: max-age=31536000
expires: Mon, 28 Aug 2023 04:14:19 GMT
x-amz-request-id: tx000000000000051a569b0-006332bd46-1cd0b581-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 270x152, components 3\012- data
Size:   31077
Md5:    2b637683c4139d0090587203f857c323
Sha1:   addfcc48bce39ff40bbfc4eb912b0dffb508b177
Sha256: d1f850654b7dda965c9f119c9a6c60186d5a74576e44a0916d51d56f8d1abbc7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2022/09/63325b8ef3e89d917eea7d23_570x-270x152.jpg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 25580
accept-ranges: bytes
last-modified: Tue, 27 Sep 2022 05:06:53 GMT
x-rgw-object-type: Normal
etag: "2715627cf234718e466e3d597600e475"
cache-control: max-age=31536000
expires: Wed, 27 Sep 2023 05:06:53 GMT
x-amz-request-id: tx000000000000051a7718b-006332bd46-1cd07f07-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 270x152, components 3\012- data
Size:   25580
Md5:    2715627cf234718e466e3d597600e475
Sha1:   5e3de8ff958d179278260d731a8afa564aa8b7c5
Sha256: a0d3c15a21911820620d0c39c5b057d4ce2e721e491baee0ba24a777d30ecdba

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2022/09/Screen-Shot-2022-09-21-at-11.45.05-AM-266x150.png HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 51906
accept-ranges: bytes
last-modified: Wed, 21 Sep 2022 03:45:45 GMT
x-rgw-object-type: Normal
etag: "70a39769e6626982ca77408a04519b4e"
cache-control: max-age=31536000
expires: Thu, 21 Sep 2023 03:45:45 GMT
x-amz-request-id: tx000000000000051a99b57-006332bd46-1cd01b00-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 266 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   51906
Md5:    70a39769e6626982ca77408a04519b4e
Sha1:   49454bbc597815ea5374a2e2d7a3294c5d719ca6
Sha256: 39473673c9f5de0eee70f6e5ad5217e79e408e36a7284d736959060b0330f2a5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/Altira_Macau_logo2.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 96919
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:52:57 GMT
x-rgw-object-type: Normal
etag: "90e17d34d4ff1f59a5228e3f7225962c"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:52:57 GMT
x-amz-request-id: tx000000000000051a99bb5-006332bd46-1cd01b00-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 461 x 461, 8-bit/color RGBA, non-interlaced\012- data
Size:   96919
Md5:    90e17d34d4ff1f59a5228e3f7225962c
Sha1:   cf1ff9ddfa825aa9e424a5b3bdb6e8efe09b3060
Sha256: 7fa6340775ca40aa616195fbcff228e5964eee46020031ac3f9abe9048a8955d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/07/WhatsApp-Image-2019-07-17-at-15.29.55-270x152.jpeg HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 10415
accept-ranges: bytes
last-modified: Wed, 06 Oct 2021 22:52:07 GMT
x-rgw-object-type: Normal
etag: "cdb2e19a9805d5688da663ca2dae308e"
cache-control: max-age=31536000
expires: Thu, 06 Oct 2022 22:52:05 GMT
x-amz-request-id: tx000000000000051abbdb2-006332bd46-1ccfd03d-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 270x152, components 3\012- data
Size:   10415
Md5:    cdb2e19a9805d5688da663ca2dae308e
Sha1:   41cdaea92bbfc9c0c5c0aecc00bd30fd397687f6
Sha256: 4acc96f08cd5437ed6dbe5fdcc1f3b71c9e81c2020e3986ad1f69f5847b3f24e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/Galaxy_Macau_logo2.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 61766
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:53:06 GMT
x-rgw-object-type: Normal
etag: "f31f460b7d5184017b7267b55d21cc4c"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:53:06 GMT
x-amz-request-id: tx000000000000051a569ac-006332bd46-1cd0b581-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 268 x 268, 8-bit/color RGBA, non-interlaced\012- data
Size:   61766
Md5:    f31f460b7d5184017b7267b55d21cc4c
Sha1:   d159196aff59a8a8185b55bdd013a509e5529071
Sha256: b90524f8ecef34904ac64cfc4f62d5ea9f1f3e31abbc3eb8f631b04a798d62c4

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/Grand_Coloane-Resort_logo2-1-696x135.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 93186
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:53:23 GMT
x-rgw-object-type: Normal
etag: "4f70352dc5d50128c1f915f40b4aa931"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:53:18 GMT
x-amz-request-id: tx000000000000051a771e6-006332bd46-1cd07f07-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 696 x 135, 8-bit/color RGBA, non-interlaced\012- data
Size:   93186
Md5:    4f70352dc5d50128c1f915f40b4aa931
Sha1:   0c3288e2e8e1dc8830eccc92463e7498878857df
Sha256: 4d696a63641624f70ef1595864d777515ee49539f3b248ac25cd067a84bd39fb

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/StarWorld_logo2.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 186759
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:53:59 GMT
x-rgw-object-type: Normal
etag: "bc5a1ed21765769a17646a4e18af0c68"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:53:59 GMT
x-amz-request-id: tx000000000000051abbd53-006332bd46-1ccfd03d-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 567 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size:   186759
Md5:    bc5a1ed21765769a17646a4e18af0c68
Sha1:   497d097b732fcf71069a5ba0ea1c141fb8249208
Sha256: 6122942e044d8f3217729758e2c60c11fa6f9fd7222dd1b0ea5238bdf0810400

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/Hotel_Lisboa_logo2.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 66234
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:53:42 GMT
x-rgw-object-type: Normal
etag: "a0552b841f7d319dec32a8854f8e7d4f"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:53:42 GMT
x-amz-request-id: tx000000000000051a99b56-006332bd46-1cd01b00-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   66234
Md5:    a0552b841f7d319dec32a8854f8e7d4f
Sha1:   8151afb4bf9d6ef6a48989a60317d8bb58b84a50
Sha256: 01b9f422d1d560e5c6e5233ed71f749a14e725c193dcbca8d6ef180aadb5d245

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/MGM_Cotai_logo2.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 70756
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:53:50 GMT
x-rgw-object-type: Normal
etag: "3883c43e7aef73a457354a519f1f1245"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:53:49 GMT
x-amz-request-id: tx000000000000051a77188-006332bd46-1cd07f07-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   70756
Md5:    3883c43e7aef73a457354a519f1f1245
Sha1:   305891ca23e3f763bfdffc5acf8d13f80a8be949
Sha256: ff7924d27caa5df506940231dab0c8ba82f5b9745dba0f47a26b32d35cffdace

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/MGM_Macau_logo2.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 77954
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:53:54 GMT
x-rgw-object-type: Normal
etag: "9e371fdf02a26a8cc25716c494f16192"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:53:54 GMT
x-amz-request-id: tx000000000000051abbd54-006332bd46-1ccfd03d-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   77954
Md5:    9e371fdf02a26a8cc25716c494f16192
Sha1:   64d5b9e53cb3abe871ab8d0be2ff130a3869bf64
Sha256: d96ad958a118282dd86a1246f46dc80700adc7face9476ef25c23ebba332e883

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/Mandarin_Oriental_Macau_logo2.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 82906
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:53:45 GMT
x-rgw-object-type: Normal
etag: "e0b18e6d073371082ad37edfe4708207"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:53:45 GMT
x-amz-request-id: tx000000000000051a77187-006332bd46-1cd07f07-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 255 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size:   82906
Md5:    e0b18e6d073371082ad37edfe4708207
Sha1:   55c2c91de2f917f13388f2901213f5d7f3dd4b02
Sha256: 0e3457abe591dd436bfb8ba9c4290cff7381d82a69b26f4890d5737f943c904d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/12/Grand_Hyatt_Macau_logo3.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 73802
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 04:53:28 GMT
x-rgw-object-type: Normal
etag: "661a9ab92639214ef5d53dd1a09904eb"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 04:53:27 GMT
x-amz-request-id: tx000000000000051a569ab-006332bd46-1cd0b581-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 516 x 516, 8-bit/color RGBA, non-interlaced\012- data
Size:   73802
Md5:    661a9ab92639214ef5d53dd1a09904eb
Sha1:   b3e569049ed7216c4aaa26113966af99bf8b36a6
Sha256: f54badb5f90109e7e1c643789171d4242bc043f2c68aa528168d927aca0d078f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2020/10/night-view-china-canton-tower-guangzhou-guangdong-tourism-xinhua-270x152.jpg HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 8414
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 13:52:24 GMT
x-rgw-object-type: Normal
etag: "2a8990b311b17ff512e5fc40c4feb44d"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 13:52:23 GMT
x-amz-request-id: tx000000000000051a99b55-006332bd46-1cd01b00-sgp1b
date: Tue, 27 Sep 2022 09:07:18 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 270x152, components 3\012- data
Size:   8414
Md5:    2a8990b311b17ff512e5fc40c4feb44d
Sha1:   0f35a1807b760c4a278369e0d99c984f30ff8458
Sha256: bf346b8d39e1ee3bb1e9a3ae686b4562029aa11a76912303e32b6a0c09af977e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
age: 124885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (826)
Size:   158248
Md5:    db1b5789e9915e9c82f5df92e5982980
Sha1:   2e193e502995501c85f45fd89d9f83707a7f9573
Sha256: db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4089
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:07:20 GMT
Last-Modified: Tue, 27 Sep 2022 07:59:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /en_GB/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4c76c4a5d822f3d2b579c894b93bfa64
etag: "b469c5b7ba39d9b8fec123f16e86584e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 27 Sep 2022 09:23:28 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Ts//qqosGr9cM9IyZ0dKBw==
x-fb-debug: IkWbdJleq9hbVHHpozG5UKZtXLfzuN0maopU/7vjhlGCd3rK3/wElfqlkl1mf3lm8bJIVma1vgXImEEc+qU32Q==
priority: u=3,i
content-length: 1685
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 09:07:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1685
Md5:    4ecfffaaaa2c1abf5c33d23267474a07
Sha1:   fa0920f984fe4b13fae34fe5fd0fb46464a78651
Sha256: bb4abdd0870f98e343c781dc120ff77d82bb4c0b7db7e39c9e357d8c9e8dd459
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4089
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:07:20 GMT
Last-Modified: Tue, 27 Sep 2022 07:59:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1 
Host: static.cloudflareinsights.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.47.230
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Tue, 27 Sep 2022 09:07:17 GMT
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 751316942caab4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   94221
Md5:    3637d8bac4d0374870351f1762e775b6
Sha1:   b7e1ce51a694e8880ca9b90fe490d64547ce3b6d
Sha256: ed46eb421ffe2d2986638553d0717cb3670379f82c7496974c9c4e271f1fff85
                                        
                                            GET /macaubusiness/wp-content/uploads/2020/05/2022.5.6-MB-Wes-D_1210x142p-output.jpg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 40127
accept-ranges: bytes
last-modified: Tue, 10 May 2022 11:52:00 GMT
x-rgw-object-type: Normal
etag: "175f70c0a2b41319c07024c9b1764ddb"
cache-control: max-age=31536000
expires: Wed, 10 May 2023 11:52:00 GMT
x-amz-request-id: tx000000000000051a99e99-006332bd48-1cd01b00-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1210x142, components 3\012- data
Size:   40127
Md5:    175f70c0a2b41319c07024c9b1764ddb
Sha1:   4fb77c188dc96b0a3efd869ebed65e4b1f4d4758
Sha256: 3a7e1ac267a71136cd37976a6b408ffa93323063af465767b51973a42da5fa6e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/03/GroupBanner01_mb.com_.jpg HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 179940
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 03:42:30 GMT
x-rgw-object-type: Normal
etag: "cb5c4d05048faba3c790fd464aa1ec8e"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 03:42:30 GMT
x-amz-request-id: tx000000000000051a99e9d-006332bd48-1cd01b00-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 200x200, segment length 16, baseline, precision 8, 890x1048, components 3\012- data
Size:   179940
Md5:    cb5c4d05048faba3c790fd464aa1ec8e
Sha1:   191898b6a2051a279e8a42adab42e83e6bbc6b44
Sha256: 170765a76cc1ae75b865c24b40459122c44c126ad1de7bd5b718ac00c72cab82

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2019/06/Click-to-subscribe-our-daily-newsletter.png HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 294011
accept-ranges: bytes
last-modified: Wed, 06 Oct 2021 21:32:12 GMT
x-rgw-object-type: Normal
etag: "26c582101d35fcb870d9841a375512e4"
cache-control: max-age=31536000
expires: Thu, 06 Oct 2022 21:32:11 GMT
x-amz-request-id: tx000000000000051a774d1-006332bd48-1cd07f07-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size:   294011
Md5:    26c582101d35fcb870d9841a375512e4
Sha1:   23916862263bbca96f397c5be7084f30556237d7
Sha256: 1314a99633d9489f40ab9efabddd521c57a7a4d161b9f0f00e67b183466033ae

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /2017/11/UPDATE_App_MBNews_Button.jpg HTTP/1.1 
Host: mbusiness.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 584485
accept-ranges: bytes
last-modified: Thu, 07 Oct 2021 12:26:15 GMT
x-rgw-object-type: Normal
etag: "0583c5338c432b8d86b6e65e9ee3ba2d"
cache-control: max-age=31536000
expires: Fri, 07 Oct 2022 12:26:14 GMT
x-amz-request-id: tx000000000000051a56cf7-006332bd48-1cd0b581-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   586686
Md5:    6a484985192c6c8fddbbafa4609e94c1
Sha1:   7f48ec83ae9da0e22fc17d32f847bdfe490759bc
Sha256: ddfdba710ce035bda0da4b96452498159837d61ac1f997b7b908b1b1008a67ab

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-105852722-2&cid=449293949.1664269639&jid=1661786710&gjid=1806174156&_gid=898317636.1664269639&_u=YEBAAUAAAAAAAC~&z=1406202832 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.macaubusiness.com
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.162.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.macaubusiness.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 09:07:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 09:07:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /macaubusiness/wp-content/uploads/2019/04/20211122_IFTM_MNA-online-banner_OP_2000x984px.jpg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 767227
accept-ranges: bytes
last-modified: Tue, 23 Nov 2021 07:45:29 GMT
x-rgw-object-type: Normal
etag: "671492c59ac90088951ee2d48623ff44"
cache-control: max-age=31536000
expires: Wed, 23 Nov 2022 07:45:29 GMT
x-amz-request-id: tx000000000000051a56cf9-006332bd48-1cd0b581-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=4101, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=8334], baseline, precision 8, 2000x984, components 3\012- data
Size:   767227
Md5:    671492c59ac90088951ee2d48623ff44
Sha1:   462245e4494f2b841f524380984a5f4d0770d21f
Sha256: 8acba47dd2d9e53b8ae02f8c5733577b27884b1cf8a6be42eb420483dd88f220

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2021/05/FMCC-Logo_updated-01.jpg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 213483
accept-ranges: bytes
last-modified: Thu, 28 Apr 2022 17:11:27 GMT
x-rgw-object-type: Normal
etag: "e888ab43cbcea8dbd60925c37a2486d1"
cache-control: max-age=31536000
expires: Fri, 28 Apr 2023 17:11:27 GMT
x-amz-request-id: tx000000000000051a99ea2-006332bd48-1cd01b00-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 2846x1600, components 3\012- data
Size:   213483
Md5:    e888ab43cbcea8dbd60925c37a2486d1
Sha1:   f9b50e86199e89f8afcf99b36c96073c0bccf4df
Sha256: dbf58eba5e1bb31e62204588b7fba959361c3110db4b0537e85a17903fff70e3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2021/02/WechatIMG10.png HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 35788
accept-ranges: bytes
last-modified: Thu, 15 Sep 2022 09:10:11 GMT
x-rgw-object-type: Normal
etag: "cd1ae086f2ef4fd9bcf871bcf0858a60"
cache-control: max-age=31536000
expires: Fri, 15 Sep 2023 09:10:11 GMT
x-amz-request-id: tx000000000000051abc09e-006332bd48-1ccfd03d-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 252 x 124, 8-bit/color RGB, non-interlaced\012- data
Size:   35788
Md5:    cd1ae086f2ef4fd9bcf871bcf0858a60
Sha1:   898a3bbee47e4f2a157c1184551f9db0baa3b0c6
Sha256: c0f65c75ea8415919b283a12f77652c96d17648309850d851397eaee41c241a5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2019/10/28k-followers.jpg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 1012002
accept-ranges: bytes
last-modified: Thu, 21 Jul 2022 05:21:30 GMT
x-rgw-object-type: Normal
etag: "1fa232302ca44f7623a6831bdaf7e117"
cache-control: max-age=31536000
expires: Fri, 21 Jul 2023 05:21:30 GMT
x-amz-request-id: tx000000000000051a99e9f-006332bd48-1cd01b00-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   1044771
Md5:    622cf635ba20855cd451373e9b68fddc
Sha1:   31f45316a92f39479706410150408539e29c449d
Sha256: 5c7d21b96a06091853dc32d613db9890a7dd43839101731e15c76bd972d1f6cf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /macaubusiness/wp-content/uploads/2022/03/1210x142px.jpg HTTP/1.1 
Host: hogo.sgp1.digitaloceanspaces.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.253.144.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 514186
accept-ranges: bytes
last-modified: Fri, 02 Sep 2022 04:13:32 GMT
x-rgw-object-type: Normal
etag: "6b760ba134f012674fd9683602240278"
cache-control: max-age=31536000
expires: Sat, 02 Sep 2023 04:13:32 GMT
x-amz-request-id: tx000000000000051a774ca-006332bd48-1cd07f07-sgp1b
date: Tue, 27 Sep 2022 09:07:20 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 5042x593, components 3\012- data
Size:   514186
Md5:    6b760ba134f012674fd9683602240278
Sha1:   4a7879c38aa44d73228692dedaf5b09d52be87e1
Sha256: 51a4b05274cfa62cf249f916c3ef8c15a9d192c85504878a52503d3869b44871

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /mna/ HTTP/1.1 
Host: www.macaubusiness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.144.144
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 09:07:17 GMT
vary: Accept-Encoding
p3p: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
link: <https://www.macaubusiness.com/wp-json/>; rel="https://api.w.org/", <https://www.macaubusiness.com/?p=135127>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhI6lrPm%2BtmjpjXH5veWeQNRoyHw4kIuAcCMjfErvX7y4nhxAV4U%2F9l8LMhq1uh9UbPXl%2BrMT1VhgWcwIsQIBm%2B2lcs3i1gYXto5bz400x%2BLcdtbhpotGyutGDZ0N9TTSizaA%2FEu7XY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7513168eb99bb505-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=20201014 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.macaubusiness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 09:07:17 GMT
date: Tue, 27 Sep 2022 09:07:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---