enit.in/N8qn7zm
172.67.133.181 301 Moved Permanently 0 B IP 172.67.133.181:0
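Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; these three are the digests of an empty body, matching the 0 B response, so they identify no content)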
GET /N8qn7zm HTTP/1.1
Host: enit.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 18:35:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 02 Dec 2022 19:35:53 GMT
Location: https://enit.in/N8qn7zm
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06a98xO1BXIowc%2BXs9GULFy3%2BVsbKbbD444PkI74dP97cyjY0ljy39HkqexSGJm0RSQ7mxHtNGhQNRLbgkTmrE9561Rtnuqgl10yJ6l71LGGPkfAFjk9E9%2Ba"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77362a3cbb85b524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9633
Expires: Fri, 02 Dec 2022 21:16:26 GMT
Date: Fri, 02 Dec 2022 18:35:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6238
Cache-Control: max-age=149960
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:53 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:15:13 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 18:19:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 957
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15776
Expires: Fri, 02 Dec 2022 22:58:50 GMT
Date: Fri, 02 Dec 2022 18:35:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WVumI3mpt4qI6wWcfJ6sxXNBSXXgHm3Nu+2YoBqBRSZh4Wn8yn1ipvzxkhQYNS7wgxRetxc2hJE=
x-amz-request-id: S38V7FKVFPN9GQ73
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 17:46:47 GMT
age: 2947
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:35:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0fe229cbf7fae2ae0094b11a7ea5690
0170640d740ea316cadcf2086304f07e611714fa
cc1f4fac0992994f283303198fb731b7df85f96c441b31c29d8e4c474c4cf0fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CC1F4FAC0992994F283303198FB731B7DF85F96C441B31C29D8E4C474C4CF0FD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13861
Expires: Fri, 02 Dec 2022 22:26:55 GMT
Date: Fri, 02 Dec 2022 18:35:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 18:08:57 GMT
cache-control: public,max-age=3600
age: 1617
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6230
Cache-Control: max-age=144890
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:54 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:50:44 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.139.17 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
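Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; these three are the digests of an empty body, matching the 0 B response, so they identify no content)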
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eY949pHjeARfqbdu1i80Fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QB4XENYmVd9CTRTOWeznhrWjRXQ=
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0fe229cbf7fae2ae0094b11a7ea5690
0170640d740ea316cadcf2086304f07e611714fa
cc1f4fac0992994f283303198fb731b7df85f96c441b31c29d8e4c474c4cf0fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CC1F4FAC0992994F283303198FB731B7DF85F96C441B31C29D8E4C474C4CF0FD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13860
Expires: Fri, 02 Dec 2022 22:26:55 GMT
Date: Fri, 02 Dec 2022 18:35:55 GMT
Connection: keep-alive
enit.in/N8qn7zm
172.67.133.181 200 OK 94 kB IP 172.67.133.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17890)
Hash c8e9d49a5bed34d91d3a36994b065448
ae997e0fe4229119142993c9fffbf3a52a806c8f
f2adb5f1e719321bcc900120645b55e4fe7d21c1d6c1ad47a277b1e17f536447
GET /N8qn7zm HTTP/1.1
Host: enit.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: refN8qn7zm=N2M3YzY1ODdiYTk1OWMyOTNkM2I3YzRmN2NjMDBiYmYyMDViOTUwNmRiMGZiMjJlZTVmNmY4YWM4YzExNzU2MX9QKI1gvLFyaJss5achtuafBNiON16Rmmgd%2FtoIf74j; expires=Fri, 02-Dec-2022 18:40:54 GMT; Max-Age=300; path=/; HttpOnly; secure
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZbPKvuqtByJklrYi8IAQ7ORK%2BP7JV5sbEm9my%2FnJS5x5up4Dv0ZWb4YvmGnrMO8OxJASK4jT3Hpy9w4X916WsY7xNg128%2FBswi46sB4MlzjBcgeufhe9UU%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77362a40b86f0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 303fb949f4bf85e000c404b27133bf19
d1827b421ded85a99278704c10729edc68e072ad
3605c0a30d5336b9a2fce8ac38a4b396981d3e348ab3879e9501bf4cdab76ef3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5491
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:55 GMT
Last-Modified: Fri, 02 Dec 2022 17:04:24 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
i.imgur.com/Zm57T8a.png
151.101.84.193 200 OK 6.7 kB IP 151.101.84.193:0
File type PNG image data, 209 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 77cc82df02e99141dbafcdac433b3b6a
47e0af5e3390578f5b49dcb41760ff924455db7a
906ee764e0c4fa542fa06304d3e88b4ac165f080f93fffe89a6c543481c6764d
GET /Zm57T8a.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 14 Jan 2018 15:19:31 GMT
etag: "77cc82df02e99141dbafcdac433b3b6a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 02 Dec 2022 18:35:55 GMT
age: 2717573
x-served-by: cache-iad-kiad7000040-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 8148, 1
x-timer: S1670006155.180651,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6699
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fc1bc5e1cf067f0ce6d7a5eac898edf4
1a32932b41586858257140aff87f15ed7c135c9e
9e0bb7b1abea6a15f1634b24eeb38296d77bcde986ebcdef29e074aa4ffc7e2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E0BB7B1ABEA6A15F1634B24EEB38296D77BCDE986EBCDEF29E074AA4FFC7E2A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3042
Expires: Fri, 02 Dec 2022 19:26:37 GMT
Date: Fri, 02 Dec 2022 18:35:55 GMT
Connection: keep-alive
js.hcaptcha.com/1/api.js
104.16.169.131 200 OK 82 kB IP 104.16.169.131:0
Hash adce68b2eb0fb035f57f0a3df7b94f9c
a6f418ad7e2a3ab07ff6de8d84e784caa99d7f86
8ace7eefb4893b6a62cfcee96e6e6d823b146b7a99584abeb1922509a7e4dac8
GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:55 GMT
content-type: application/javascript
cf-ray: 77362a45cc030b55-OSL
age: 0
cache-control: max-age=120
etag: W/"7d1663d2f7dac7d5e43b506d00d378b8"
last-modified: Wed, 30 Nov 2022 18:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: xqREJGCDXjEnJ0_BsYFfDKxKMpnBtXAJJYF94xaJJTWC3CXPwAZUhg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0856a45d58eba431a90fcc8c6b9fef7b
33edd367094ffa1f5bcbc609f0d667ea03f9294c
42ccc7704b3c9330018fe9ea70710fa00afa045cc0003227d92f30ad4212b41d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42CCC7704B3C9330018FE9EA70710FA00AFA045CC0003227D92F30AD4212B41D"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17535
Expires: Fri, 02 Dec 2022 23:28:10 GMT
Date: Fri, 02 Dec 2022 18:35:55 GMT
Connection: keep-alive
system-notify.app/f/sdk.js?z=737225
157.90.33.68 200 OK 12 kB URL HTTP/2 system-notify.app/f/sdk.js?z=737225
IP 157.90.33.68:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (45301), with no line terminators
Hash c191d1988cadc3b270bccc6cb93ffeb2
b3097ee2d529a220885d259638b69c53dbe1e0c4
98e3006a9221ba7627854ba8616624af5d910fa01bd49332fdbc2541364e5797
GET /f/sdk.js?z=737225 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:35:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 11961
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
system-notify.app/event?z=737225
157.90.33.68 200 OK 0 B URL HTTP/2 system-notify.app/event?z=737225
IP 157.90.33.68:0
ASN #24940 Hetzner Online GmbH
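Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; these three are the digests of an empty body, matching the 0 B response, so they identify no content)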
POST /event?z=737225 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:35:55 GMT
content-length: 0
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash ac025198211504112a169570fc8bc6f2
cde5df224473b55bc3430da496ab15437d02449b
34c0a431aff614849d4ad6f16045fb79c98fe8ab2ebf784b002916309933cfb2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:35:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 07:28:20 GMT
Expires: Fri, 09 Dec 2022 07:28:19 GMT
Etag: "cde5df224473b55bc3430da496ab15437d02449b"
Cache-Control: max-age=564143,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77362a4878820b06-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash ac025198211504112a169570fc8bc6f2
cde5df224473b55bc3430da496ab15437d02449b
34c0a431aff614849d4ad6f16045fb79c98fe8ab2ebf784b002916309933cfb2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:35:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 07:28:20 GMT
Expires: Fri, 09 Dec 2022 07:28:19 GMT
Etag: "cde5df224473b55bc3430da496ab15437d02449b"
Cache-Control: max-age=564143,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77362a487924b517-OSL
uidsync.net/sync?user_id=u5e5J6Ar3wL0P6Q4X8F4
157.90.33.121 204 No Content 0 B URL HTTP/2 uidsync.net/sync?user_id=u5e5J6Ar3wL0P6Q4X8F4
IP 157.90.33.121:0
ASN #24940 Hetzner Online GmbH
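Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; these three are the digests of an empty body, matching the 0 B response, so they identify no content)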
OPTIONS /sync?user_id=u5e5J6Ar3wL0P6Q4X8F4 HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://enit.in/
Origin: https://enit.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 18:35:55 GMT
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
uidsync.net/sync?user_id=u5e5J6Ar3wL0P6Q4X8F4
157.90.33.121 200 OK 60 B URL HTTP/2 uidsync.net/sync?user_id=u5e5J6Ar3wL0P6Q4X8F4
IP 157.90.33.121:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash f541141726e75a6463e093f988b9759e
ecfe0401f157b7581eff095ee6d310b3f1d4f606
f8bfedfa43334dcd92ddf3380fd20d2d2fb181728b124686a7453948e38eb4e3
GET /sync?user_id=u5e5J6Ar3wL0P6Q4X8F4 HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enit.in/
Content-Type: application/json
Origin: https://enit.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:35:55 GMT
content-type: application/json; charset=utf-8
content-length: 60
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
set-cookie: rauid=u5e5J6Ar3wL0P6Q4X8F4; expires=Sat, 02 Dec 2023 18:35:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b66679df57f69558907aa7d9d2fd7d3a
00569b9386abf1a17e095a82397081cb715f7c21
046afca03e474554da4e83911107e91e243f3b9b497dc21929f985fcf408c971
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "046AFCA03E474554DA4E83911107E91E243F3B9B497DC21929F985FCF408C971"
Last-Modified: Fri, 02 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4073
Expires: Fri, 02 Dec 2022 19:43:48 GMT
Date: Fri, 02 Dec 2022 18:35:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b66679df57f69558907aa7d9d2fd7d3a
00569b9386abf1a17e095a82397081cb715f7c21
046afca03e474554da4e83911107e91e243f3b9b497dc21929f985fcf408c971
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "046AFCA03E474554DA4E83911107E91E243F3B9B497DC21929F985FCF408C971"
Last-Modified: Fri, 02 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4385
Expires: Fri, 02 Dec 2022 19:49:00 GMT
Date: Fri, 02 Dec 2022 18:35:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 24aafadb81fe8bd37abc74ad21d2e34c
ec440235df871b555cd1ae5fae7d0ee8819f414a
3e5383d3be3fe844280d3d094f1390fd14046e08d966be3646af263f899ed913
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E5383D3BE3FE844280D3D094F1390FD14046E08D966BE3646AF263F899ED913"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5405
Expires: Fri, 02 Dec 2022 20:06:00 GMT
Date: Fri, 02 Dec 2022 18:35:55 GMT
Connection: keep-alive
floccischlump.com/tb2qc6uTKW8XDp/27255
23.109.87.192 200 OK 25 B URL HTTP/1.1 floccischlump.com/tb2qc6uTKW8XDp/27255
IP 23.109.87.192:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
Analyzer Verdict Alert quad9 Sinkholed
GET /tb2qc6uTKW8XDp/27255 HTTP/1.1
Host: floccischlump.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:35:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 03-Dec-2022 18:35:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sat, 03-Dec-2022 18:35:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
bringsconserve.com/4c7228294c5c19bbf0da33f0f438b72c/invoke.js
192.243.61.225 200 OK 9.3 kB URL HTTP/1.1 bringsconserve.com/4c7228294c5c19bbf0da33f0f438b72c/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25136), with no line terminators
Hash 157d590d02d97c36261e4d6f4f023b0c
bcadb16015529746cb2ab3c0b54c46906dbf687d
33d011c2ca5237427e2da1bb29901cefa3fc6ab951dc6193982794c857f5973e
Analyzer Verdict Alert quad9 Sinkholed
GET /4c7228294c5c19bbf0da33f0f438b72c/invoke.js HTTP/1.1
Host: bringsconserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 18:35:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 342f70dd42f5fc4dfdbc9e946a738541
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
bringsconserve.com/34/aa/84/34aa847f855cc91a3510c99f05af9a65.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 bringsconserve.com/34/aa/84/34aa847f855cc91a3510c99f05af9a65.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37163), with no line terminators
Hash e24e515b9567e1180bf558c9495753df
48335fc2caa4e0a17a650384eaec99bee7079350
f48f472342a7084bfc4b06a44f15f47438935fefc9e44ba8acfe87f4f243eb3f
Analyzer Verdict Alert quad9 Sinkholed
GET /34/aa/84/34aa847f855cc91a3510c99f05af9a65.js HTTP/1.1
Host: bringsconserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 18:35:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd5e57b8a7466eb12a2254dd0f773943
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash ae362dcfc36c65824b06b3a446b76018
80f0c3404430a097f1c013ca2691d93db7da3dc9
23af03564e7b0e00f5136a553591440f4dfe606515e0c8929f6f895f89e22273
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4233
Cache-Control: max-age=140016
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:56 GMT
Etag: "6389b4f3-116"
Expires: Sun, 04 Dec 2022 09:29:32 GMT
Last-Modified: Fri, 02 Dec 2022 08:18:59 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22697cff4db5ea5a4c791ce4358a971f
fa4d1ffe6a7354f75e8607231f57a5728e87dfb3
61575c6d3a055a65d09622357da8cdf97d57b96ed8d1d4a7360bd8432931d638
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "61575C6D3A055A65D09622357DA8CDF97D57B96ED8D1D4A7360BD8432931D638"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13245
Expires: Fri, 02 Dec 2022 22:16:41 GMT
Date: Fri, 02 Dec 2022 18:35:56 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8be4570a1d9d09c7b793e97ee1f6edaf
cb101195afa0dbb473bcd5050ee2ab4a25af825f
b69ece6aab66eec92b6b3bd8c8e6febd027c8dac1a86faaed1b217dec8e784b1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160390
Date: Fri, 02 Dec 2022 18:35:56 GMT
Etag: "6389fe18-1d7"
Expires: Sun, 04 Dec 2022 15:09:06 GMT
Last-Modified: Fri, 02 Dec 2022 13:31:04 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PD96TopPku8fFxROUFBA7ckb4RWenH_lLEnFul2pqDDR6JTnbzG9pw==
Age: 5882
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a7b2c025a2920fe089ddebaf876d45d
f189d6c447af2b5405fd62036e2a42d15fcdccf6
752b233c690105130d22c8d7df624c97b21e9864e7ae140987ecf04d153c0dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Fri, 02 Dec 2022 19:51:15 GMT
Date: Fri, 02 Dec 2022 18:35:56 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 419f06a2e844d44750b4e0c687efc564
fee6200ad647355ee75990956f7213aa8aa16bdc
6ec7e03dbcb4b0b09051e9aa88d1966416bb78b4627218a9a94605044014ec29
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
set-cookie: uid_id2=a047644b-d851-4589-84f8-06a7f544853f:1:1; expires=Mon, 29 Nov 2032 18:35:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
i.ytimg.com/vi/XixSUf8-F0k/hqdefault.jpg
142.250.74.22 200 OK 12 kB URL HTTP/2 i.ytimg.com/vi/XixSUf8-F0k/hqdefault.jpg
IP 142.250.74.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 1622f1bf3a222cdbb00402d2615b8a25
4849e88d0bbb946a2564561730cc604bd23d0860
ac2f1bb2790397162b648d07d637107d780af8d99419736653c09c4f4a91e4e1
GET /vi/XixSUf8-F0k/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 11719
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 18:05:31 GMT
expires: Fri, 02 Dec 2022 20:05:31 GMT
cache-control: public, max-age=7200
age: 1825
etag: "1667846379"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2425
Expires: Fri, 02 Dec 2022 19:16:21 GMT
Date: Fri, 02 Dec 2022 18:35:56 GMT
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-M8H9XNQ
172.217.21.168 200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M8H9XNQ
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 607734acb912ad0aa31739c911f460a1
20888a8ddc08d6f3a45b41b8e31a32f0802e4067
0943db1001ad723fe622e1a7f26d7f4d24486785a531e0a8052ffc3ba4074a03
GET /gtm.js?id=GTM-M8H9XNQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 18:35:56 GMT
expires: Fri, 02 Dec 2022 18:35:56 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46031
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash ae362dcfc36c65824b06b3a446b76018
80f0c3404430a097f1c013ca2691d93db7da3dc9
23af03564e7b0e00f5136a553591440f4dfe606515e0c8929f6f895f89e22273
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4233
Cache-Control: max-age=140016
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:56 GMT
Etag: "6389b4f3-116"
Expires: Sun, 04 Dec 2022 09:29:32 GMT
Last-Modified: Fri, 02 Dec 2022 08:18:59 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.33.119.27 200 OK 1.3 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash aa3a1b019f896e62645ce3382a398393
4538601dfd78d10879adb8dee3598cff7fc3916a
b54dcfef7b3d4a4c5c93d28232591d206ec13fafce8795a2b0ad43a89608e489
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2425
Expires: Fri, 02 Dec 2022 19:16:21 GMT
Date: Fri, 02 Dec 2022 18:35:56 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8be4570a1d9d09c7b793e97ee1f6edaf
cb101195afa0dbb473bcd5050ee2ab4a25af825f
b69ece6aab66eec92b6b3bd8c8e6febd027c8dac1a86faaed1b217dec8e784b1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160390
Date: Fri, 02 Dec 2022 18:35:56 GMT
Etag: "6389fe18-1d7"
Expires: Sun, 04 Dec 2022 15:09:06 GMT
Last-Modified: Fri, 02 Dec 2022 13:31:04 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MX9LVkAZDz8cOZG8lzDpJlVxBTh1NQkM6MaD5a5kuSh4clu-dWMOtA==
Age: 5882
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 13:09:50 GMT
age: 19566
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 74745
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 23:43:28 GMT
age: 67948
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 63662
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 9221660b9b3d5432f8bd5d197af8eb8d
221ae5b15353aa0e8510ed98903f73ec89cd3f8f
53a41a0bb739e39a618fe3e9e854e9086f9c211ceaf08f0bddfbeb57c022ce31
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
set-cookie: uid_id2=933e1d12-323c-4cf2-bce1-9ea726354336:3:1; expires=Mon, 29 Nov 2032 18:35:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=8d9759e8cf274f5e8167b7e23e8ea363
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=8d9759e8cf274f5e8167b7e23e8ea363
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e4fd3ba1f602644cadad4034140eff8c
6a36d97298df5118d17cb1dfbcd9f2470cd60290
091c18b73f83c54b897c2cbbb8bcb96208aa37d1388461b95005a2c86cbaf986
GET /gid.js?userId=8d9759e8cf274f5e8167b7e23e8ea363 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:35:56 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://enit.in
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8d9759e8cf274f5e8167b7e23e8ea363; expires=Sat, 02 Dec 2023 18:35:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ArJSu5jI0RrZj3QtJp6oI6Yvf9LCWrYqU0HRIl8U8xJjdeOaJEe2yg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:07 GMT
age: 72949
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 74880
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a7b2c025a2920fe089ddebaf876d45d
f189d6c447af2b5405fd62036e2a42d15fcdccf6
752b233c690105130d22c8d7df624c97b21e9864e7ae140987ecf04d153c0dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:35:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=586040,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77362a4cdc630b06-OSL
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash eec3c7ebc58980354a748711061af490
e4403d4a3dc4e811e53636273cd556b0eacad833
c1d1b42335a99163dcd2c9c8b4c9c26d1629d54606e36e24e55128ccc65d5ac6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1D1B42335A99163DCD2C9C8B4C9C26D1629D54606E36E24E55128CCC65D5AC6"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10394
Expires: Fri, 02 Dec 2022 21:29:10 GMT
Date: Fri, 02 Dec 2022 18:35:56 GMT
Connection: keep-alive
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253 200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 887
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 02 Dec 2022 18:35:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22697cff4db5ea5a4c791ce4358a971f
fa4d1ffe6a7354f75e8607231f57a5728e87dfb3
61575c6d3a055a65d09622357da8cdf97d57b96ed8d1d4a7360bd8432931d638
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "61575C6D3A055A65D09622357DA8CDF97D57B96ED8D1D4A7360BD8432931D638"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13245
Expires: Fri, 02 Dec 2022 22:16:41 GMT
Date: Fri, 02 Dec 2022 18:35:56 GMT
Connection: keep-alive
aliastryalways.com/ntv.json?key=4c7228294c5c19bbf0da33f0f438b72c&vstc=1
192.243.59.12 200 OK 4.2 kB URL HTTP/1.1 aliastryalways.com/ntv.json?key=4c7228294c5c19bbf0da33f0f438b72c&vstc=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (4167), with no line terminators
Hash bb411e5a46d1098466df3c3dd9657173
af20ed1ab42021c20c1b2242c72f16991d5e21b7
9e61988265e00dcf96d69136bc32db307bf8a93d6e982e684c552eb413bbb62a
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=4c7228294c5c19bbf0da33f0f438b72c&vstc=1 HTTP/1.1
Host: aliastryalways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 18:35:56 GMT
Content-Type: application/json
Content-Length: 4167
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://enit.in
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=14860800; expires=Sat, 03 Dec 2022 18:35:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 18:35:56 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 18:35:56 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sat, 03 Dec 2022 18:35:56 GMT; secure; SameSite=None
uncs49=1; expires=Sat, 03 Dec 2022 18:35:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f8b1cb21481fb922f05a157afccaf386
Strict-Transport-Security: max-age=0; includeSubdomains
aliastryalways.com/25/0c/94/250c944ba40284021e738ce5e5482313.js
192.243.59.12 200 OK 29 kB URL HTTP/1.1 aliastryalways.com/25/0c/94/250c944ba40284021e738ce5e5482313.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash ddcd0040ed9b2aa3113b554fad92ed42
bdf8c6cb47da347bc498426c0cf9b09013f318cf
b8f75d98ca973f75eeaf1050f54983f99f34d5b3dfd5c530924c88d3563c582a
Analyzer Verdict Alert quad9 Sinkholed
GET /25/0c/94/250c944ba40284021e738ce5e5482313.js HTTP/1.1
Host: aliastryalways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 18:35:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d908a973b035b9a17acd77b9c08abca1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a1a125695fbcd312685fe655dedb60d2
c26e91d38e6bbb5dec2c62b73bdea02f9dd39b43
220b199f2775f9b0c86f9e1d85a95983aac4c0f01a1b6e7c60a13d95235e0dfd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "220B199F2775F9B0C86F9E1D85A95983AAC4C0F01A1B6E7C60A13D95235E0DFD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16336
Expires: Fri, 02 Dec 2022 23:08:12 GMT
Date: Fri, 02 Dec 2022 18:35:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3c0282fb1989711e4a48dce935bf7813
30bed8a42fc820e4feb64bd22ddfefe120889014
81e304f070d6b7aa4dc67c727523578cd18a665a5cfe674a3b1391f3f39fc11a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81E304F070D6B7AA4DC67C727523578CD18A665A5CFE674A3B1391F3F39FC11A"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4776
Expires: Fri, 02 Dec 2022 19:55:32 GMT
Date: Fri, 02 Dec 2022 18:35:56 GMT
Connection: keep-alive
aliastryalways.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRSePSUUUIFoEBQuQQJn116fba5AhFxQREjC3aGIcn6tM3h2ZzWz63XSEHESOiEKQwVXbT4nFwEHuvsDkGBDczoJ6dygFKTgD4AC6Wpkx5LhSTPvfe%2Bb4vvem8%2BO8gviI6fnO%2B%2BbA6U1XWnV%2FdqruyoRpnC1rVu1wK%2F712q7KrkaXqsNp5cdvBn4rbr%2FWu1dyftmpeEHvh%2F4QW1dWRmZ4cqMhUrvd4N616%2BHjXrQCjG0%2F8cu9%2BCoBzG4IC9Aicny3qOHULxCEj9Yk66fmfT163GuaWYsBuL0w6SfmCJBvCgj6yFKTuevYdyEkK%2BvwCSncwcwg%2BOpAzA1Id7vAVhyOpcJNji5VMo0ZAImnkMxqCB1BUUrcHMbSjwhABfY2kYS39sytqD7lyydshOy9PQfqGJClv54EUn846pWw9pNo%2FNMmcRhGJVQwwqqVyHNz5AdeFDFGXj2KZT4jaw83UQSH287baBEOXOvVAUVVdByBOo85NOjPOSRhzz1EIvzGm11I99vRyxqNjsh57zZ5LzVuSpaohl2Ih85n8obIUtH4HoEbg%2BR2kP01Qg2%2Fxlur4QTHlw2Id4HhxiIEoUkKBxBQQkKRVBkBMWgPBHaNVx5T2iXs2CeG%2FPcLMcm6x3RE5P1ZEKO0gvy%2FGwuf1YEfXleC3m70eg0uiFv8aDLWOQL2mxGfhQ2O6zd4HCqhHJXZlYPpkta%2BwWpmhDy1xtg9AxOn4GrV0DzALQYtxs%2B6N447Pg4SH7gWvG%2Bi%2FR%2BnZsYwpRIsyVk%2B96RviAvzYSEfy9D8sdkHuC2RGpLfKx%2BJejpO%2BMbpiDHN0zhyMPtNFOxOqDT5d3MaCaf%2Be49uV8YKzbW3Ojbt%2FmUmJb3b0mXbdJEqKTnyPerSghp143lkvy04XYl28nd3mpukzzd3HlnfSNOrXROmaQCVU8%2B%2BgpcTciy%2FGT2LV%2B%2B%2BwDKVrB5iThfKFWmAk8P4dJFzxkCqxeYpR6KvBzbBls0tSLQcoEpK%2BH%2Bg9miPnJ30LMeaHYbSVxiYEsMdAmqR3D5s%2BMstY%2FfevTNNO6CaW%2FMtPWOmbb6y8vROnVek63Ij6TfkCzqsqhNfdGNwi6j3UC2WYsGyNyEf379i38BAAD%2F%2FwEAAP%2F%2Fwwqp1G4EAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 aliastryalways.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRSePSUUUIFoEBQuQQJn116fba5AhFxQREjC3aGIcn6tM3h2ZzWz63XSEHESOiEKQwVXbT4nFwEHuvsDkGBDczoJ6dygFKTgD4AC6Wpkx5LhSTPvfe%2Bb4vvem8%2BO8gviI6fnO%2B%2BbA6U1XWnV%2FdqruyoRpnC1rVu1wK%2F712q7KrkaXqsNp5cdvBn4rbr%2FWu1dyftmpeEHvh%2F4QW1dWRmZ4cqMhUrvd4N616%2BHjXrQCjG0%2F8cu9%2BCoBzG4IC9Aicny3qOHULxCEj9Yk66fmfT163GuaWYsBuL0w6SfmCJBvCgj6yFKTuevYdyEkK%2BvwCSncwcwg%2BOpAzA1Id7vAVhyOpcJNji5VMo0ZAImnkMxqCB1BUUrcHMbSjwhABfY2kYS39sytqD7lyydshOy9PQfqGJClv54EUn846pWw9pNo%2FNMmcRhGJVQwwqqVyHNz5AdeFDFGXj2KZT4jaw83UQSH287baBEOXOvVAUVVdByBOo85NOjPOSRhzz1EIvzGm11I99vRyxqNjsh57zZ5LzVuSpaohl2Ih85n8obIUtH4HoEbg%2BR2kP01Qg2%2Fxlur4QTHlw2Id4HhxiIEoUkKBxBQQkKRVBkBMWgPBHaNVx5T2iXs2CeG%2FPcLMcm6x3RE5P1ZEKO0gvy%2FGwuf1YEfXleC3m70eg0uiFv8aDLWOQL2mxGfhQ2O6zd4HCqhHJXZlYPpkta%2BwWpmhDy1xtg9AxOn4GrV0DzALQYtxs%2B6N447Pg4SH7gWvG%2Bi%2FR%2BnZsYwpRIsyVk%2B96RviAvzYSEfy9D8sdkHuC2RGpLfKx%2BJejpO%2BMbpiDHN0zhyMPtNFOxOqDT5d3MaCaf%2Be49uV8YKzbW3Ojbt%2FmUmJb3b0mXbdJEqKTnyPerSghp143lkvy04XYl28nd3mpukzzd3HlnfSNOrXROmaQCVU8%2B%2BgpcTciy%2FGT2LV%2B%2B%2BwDKVrB5iThfKFWmAk8P4dJFzxkCqxeYpR6KvBzbBls0tSLQcoEpK%2BH%2Bg9miPnJ30LMeaHYbSVxiYEsMdAmqR3D5s%2BMstY%2FfevTNNO6CaW%2FMtPWOmbb6y8vROnVek63Ij6TfkCzqsqhNfdGNwi6j3UC2WYsGyNyEf379i38BAAD%2F%2FwEAAP%2F%2Fwwqp1G4EAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRSePSUUUIFoEBQuQQJn116fba5AhFxQREjC3aGIcn6tM3h2ZzWz63XSEHESOiEKQwVXbT4nFwEHuvsDkGBDczoJ6dygFKTgD4AC6Wpkx5LhSTPvfe%2Bb4vvem8%2BO8gviI6fnO%2B%2BbA6U1XWnV%2FdqruyoRpnC1rVu1wK%2F712q7KrkaXqsNp5cdvBn4rbr%2FWu1dyftmpeEHvh%2F4QW1dWRmZ4cqMhUrvd4N616%2BHjXrQCjG0%2F8cu9%2BCoBzG4IC9Aicny3qOHULxCEj9Yk66fmfT163GuaWYsBuL0w6SfmCJBvCgj6yFKTuevYdyEkK%2BvwCSncwcwg%2BOpAzA1Id7vAVhyOpcJNji5VMo0ZAImnkMxqCB1BUUrcHMbSjwhABfY2kYS39sytqD7lyydshOy9PQfqGJClv54EUn846pWw9pNo%2FNMmcRhGJVQwwqqVyHNz5AdeFDFGXj2KZT4jaw83UQSH287baBEOXOvVAUVVdByBOo85NOjPOSRhzz1EIvzGm11I99vRyxqNjsh57zZ5LzVuSpaohl2Ih85n8obIUtH4HoEbg%2BR2kP01Qg2%2Fxlur4QTHlw2Id4HhxiIEoUkKBxBQQkKRVBkBMWgPBHaNVx5T2iXs2CeG%2FPcLMcm6x3RE5P1ZEKO0gvy%2FGwuf1YEfXleC3m70eg0uiFv8aDLWOQL2mxGfhQ2O6zd4HCqhHJXZlYPpkta%2BwWpmhDy1xtg9AxOn4GrV0DzALQYtxs%2B6N447Pg4SH7gWvG%2Bi%2FR%2BnZsYwpRIsyVk%2B96RviAvzYSEfy9D8sdkHuC2RGpLfKx%2BJejpO%2BMbpiDHN0zhyMPtNFOxOqDT5d3MaCaf%2Be49uV8YKzbW3Ojbt%2FmUmJb3b0mXbdJEqKTnyPerSghp143lkvy04XYl28nd3mpukzzd3HlnfSNOrXROmaQCVU8%2B%2BgpcTciy%2FGT2LV%2B%2B%2BwDKVrB5iThfKFWmAk8P4dJFzxkCqxeYpR6KvBzbBls0tSLQcoEpK%2BH%2Bg9miPnJ30LMeaHYbSVxiYEsMdAmqR3D5s%2BMstY%2FfevTNNO6CaW%2FMtPWOmbb6y8vROnVek63Ij6TfkCzqsqhNfdGNwi6j3UC2WYsGyNyEf379i38BAAD%2F%2FwEAAP%2F%2Fwwqp1G4EAAA%3D HTTP/1.1
Host: aliastryalways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 18:35:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a6b54daf27ca3abc72c381ceafc32bf6
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/bi/4f/f5/8c/4ff58cd2bb012fc4509e904e42a86ac8/1654686906.jpg
45.133.44.9 200 OK 9.9 kB URL HTTP/2 cdn.cloudimagesb.com/bi/4f/f5/8c/4ff58cd2bb012fc4509e904e42a86ac8/1654686906.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash 9511fb3661e60c46b11ca8ebb629bab4
d813801fe29ffe66fd1f2363bec17125d70f59ba
9143d24d3fd41c4b4eca39339cfac45628fe68e28354257a599afea88f0ddfb8
GET /bi/4f/f5/8c/4ff58cd2bb012fc4509e904e42a86ac8/1654686906.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:56 GMT
content-type: image/jpeg
content-length: 9888
server: nginx/1.17.6
last-modified: Wed, 08 Jun 2022 11:15:14 GMT
etag: "62a084c2-26a0"
expires: Sun, 04 Dec 2022 18:35:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
aliastryalways.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSejWwKqEA0CIorQYLz%2FrrcHSkQxjGyMLZJgizK2ZnZ83CzO6uZ3duzGywioQhRHFSQav2dHQsIKPkDkGBNE0VCyjXIBS74A6BASo3ufNLBk2be%2B943xfe9N58dFRfERUHPd97XB1IputJquo1Xd2XKdWkbW7cantt0rzV2ZXo1vNYYTi8zeNNzW033tca7gvX1iu96ruu5XmNdGhHr4cqMhczud71m122GftNrhRia%2F2NbOLDUAR9ckBcg%2BWR579FDSFYjTR6sCdvPdfb69aRQNNcGA376YdpPdZkiWZSxcRCnp%2FPX0HZCyNdXoNPTuQPowfHUASI5Ic7vHqL0dC4T0eDkUmmkIFJE%2FDmUgxpC1ZC0BtO3IfkTAjCOrW2kyb0tbUq6f8nSKTshS0%2F%2FgSwnZOmPF5EmP64qOWzc1KrIpU4thnEFOawhezWy4gz5gQNZnoHln0Ly38jK002kyfG2VRqSVzP3UtaQcQ0lRqDWQTE90kEROygyBwk%2Fb9BWN3bddhzFQdAJGWNBwFirc5W3eBB2YhcFm8obIc9GYGoEZg6RmUP05Qim%2BBl2r4LlDmw%2BIc4HhxjwCqUgKC1BSQlKSVDmBOWgOuHK%2Bra6x5UtIm%2Be%2FXkOqrHOe0f0ROc9kZKj7II8P5vLnzVBX5w3Qtb2%2FY7fDVmLed0oil1OgyB24zDoRG2fwcoK0l6ZWT2YLmntF2RyQshfbyCiZ7DqDEy%2BAlp4oOW47buge%2BOw4%2BIg%2FYEpyfo2VvtNphNwXSHLl5DvO0fqgrw0ExL%2BvQzBHpN5gJkKmanwsfyVoKfujG%2Fokhzf0KUlD7ezXCbygE6XdzOnuXjmu%2FfEfqkN31izo2%2FfZlNiWt6%2FJWy%2BSVMu054l369KzoVZ14YJ8tOG3RXRTmH3VguTFtnmzjvrG0lmhLVSpzWofPLRV2ByQpbFJ7Nv%2BfLdB5CmhikqJMVCqdQ1WHYImy16VhMYtcBR5qAsqrHxo0VTSQIlFphGFex%2FcLSoj%2Bwd9IwDmt9GmlQYmAoDVYGqEWzx7DjPzOO3Hn0zjbuIlDOOlHGOI2XUl5ejtfK80fJC0Yk6bcZ5JBj32n7QCVzX5zxsd4XXRW4n7PPrX%2FwLAAD%2F%2FwEAAP%2F%2F1wInMm4EAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 aliastryalways.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSejWwKqEA0CIorQYLz%2FrrcHSkQxjGyMLZJgizK2ZnZ83CzO6uZ3duzGywioQhRHFSQav2dHQsIKPkDkGBNE0VCyjXIBS74A6BASo3ufNLBk2be%2B943xfe9N58dFRfERUHPd97XB1IputJquo1Xd2XKdWkbW7cantt0rzV2ZXo1vNYYTi8zeNNzW033tca7gvX1iu96ruu5XmNdGhHr4cqMhczud71m122GftNrhRia%2F2NbOLDUAR9ckBcg%2BWR579FDSFYjTR6sCdvPdfb69aRQNNcGA376YdpPdZkiWZSxcRCnp%2FPX0HZCyNdXoNPTuQPowfHUASI5Ic7vHqL0dC4T0eDkUmmkIFJE%2FDmUgxpC1ZC0BtO3IfkTAjCOrW2kyb0tbUq6f8nSKTshS0%2F%2FgSwnZOmPF5EmP64qOWzc1KrIpU4thnEFOawhezWy4gz5gQNZnoHln0Ly38jK002kyfG2VRqSVzP3UtaQcQ0lRqDWQTE90kEROygyBwk%2Fb9BWN3bddhzFQdAJGWNBwFirc5W3eBB2YhcFm8obIc9GYGoEZg6RmUP05Qim%2BBl2r4LlDmw%2BIc4HhxjwCqUgKC1BSQlKSVDmBOWgOuHK%2Bra6x5UtIm%2Be%2FXkOqrHOe0f0ROc9kZKj7II8P5vLnzVBX5w3Qtb2%2FY7fDVmLed0oil1OgyB24zDoRG2fwcoK0l6ZWT2YLmntF2RyQshfbyCiZ7DqDEy%2BAlp4oOW47buge%2BOw4%2BIg%2FYEpyfo2VvtNphNwXSHLl5DvO0fqgrw0ExL%2BvQzBHpN5gJkKmanwsfyVoKfujG%2Fokhzf0KUlD7ezXCbygE6XdzOnuXjmu%2FfEfqkN31izo2%2FfZlNiWt6%2FJWy%2BSVMu054l369KzoVZ14YJ8tOG3RXRTmH3VguTFtnmzjvrG0lmhLVSpzWofPLRV2ByQpbFJ7Nv%2BfLdB5CmhikqJMVCqdQ1WHYImy16VhMYtcBR5qAsqrHxo0VTSQIlFphGFex%2FcLSoj%2Bwd9IwDmt9GmlQYmAoDVYGqEWzx7DjPzOO3Hn0zjbuIlDOOlHGOI2XUl5ejtfK80fJC0Yk6bcZ5JBj32n7QCVzX5zxsd4XXRW4n7PPrX%2FwLAAD%2F%2FwEAAP%2F%2F1wInMm4EAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSejWwKqEA0CIorQYLz%2FrrcHSkQxjGyMLZJgizK2ZnZ83CzO6uZ3duzGywioQhRHFSQav2dHQsIKPkDkGBNE0VCyjXIBS74A6BASo3ufNLBk2be%2B943xfe9N58dFRfERUHPd97XB1IputJquo1Xd2XKdWkbW7cantt0rzV2ZXo1vNYYTi8zeNNzW033tca7gvX1iu96ruu5XmNdGhHr4cqMhczud71m122GftNrhRia%2F2NbOLDUAR9ckBcg%2BWR579FDSFYjTR6sCdvPdfb69aRQNNcGA376YdpPdZkiWZSxcRCnp%2FPX0HZCyNdXoNPTuQPowfHUASI5Ic7vHqL0dC4T0eDkUmmkIFJE%2FDmUgxpC1ZC0BtO3IfkTAjCOrW2kyb0tbUq6f8nSKTshS0%2F%2FgSwnZOmPF5EmP64qOWzc1KrIpU4thnEFOawhezWy4gz5gQNZnoHln0Ly38jK002kyfG2VRqSVzP3UtaQcQ0lRqDWQTE90kEROygyBwk%2Fb9BWN3bddhzFQdAJGWNBwFirc5W3eBB2YhcFm8obIc9GYGoEZg6RmUP05Qim%2BBl2r4LlDmw%2BIc4HhxjwCqUgKC1BSQlKSVDmBOWgOuHK%2Bra6x5UtIm%2Be%2FXkOqrHOe0f0ROc9kZKj7II8P5vLnzVBX5w3Qtb2%2FY7fDVmLed0oil1OgyB24zDoRG2fwcoK0l6ZWT2YLmntF2RyQshfbyCiZ7DqDEy%2BAlp4oOW47buge%2BOw4%2BIg%2FYEpyfo2VvtNphNwXSHLl5DvO0fqgrw0ExL%2BvQzBHpN5gJkKmanwsfyVoKfujG%2Fokhzf0KUlD7ezXCbygE6XdzOnuXjmu%2FfEfqkN31izo2%2FfZlNiWt6%2FJWy%2BSVMu054l369KzoVZ14YJ8tOG3RXRTmH3VguTFtnmzjvrG0lmhLVSpzWofPLRV2ByQpbFJ7Nv%2BfLdB5CmhikqJMVCqdQ1WHYImy16VhMYtcBR5qAsqrHxo0VTSQIlFphGFex%2FcLSoj%2Bwd9IwDmt9GmlQYmAoDVYGqEWzx7DjPzOO3Hn0zjbuIlDOOlHGOI2XUl5ejtfK80fJC0Yk6bcZ5JBj32n7QCVzX5zxsd4XXRW4n7PPrX%2FwLAAD%2F%2FwEAAP%2F%2F1wInMm4EAAA%3D HTTP/1.1
Host: aliastryalways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=14860800; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 18:35:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd66475e753295f6c0e2750c457d2a26
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27 200 OK 368 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Size 368 kB (367457 bytes)
Hash 43ce8c943cfbff95ee7b0902e59dfd6c
e41d86442f0a2dc6e9f7d528a9602bf3b40a3c81
7ce9a621544270718b7eed5c03dea470b76ef3a16f63f0a84523909dffc62dfc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E152522F74DDF35AE04067C339896F8EC106BDEAB0A179482CB010FF545BA679"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5458
Expires: Fri, 02 Dec 2022 20:06:55 GMT
Date: Fri, 02 Dec 2022 18:35:57 GMT
Connection: keep-alive
taghaugh.com/?rb=xDYIe_o5biVrt3g7dzKJffNNYX15i0FwMctLIzq8_IIW7IUgSgLGHq1jXHfP4gDLnyOCVh3_AMfjuTfXRv1wCabAx04Z3OWGVBFkDQc5_Vebr6m0gLHijva5hPR7mVJyOkT1W09g_StBAqKmqkJQFolj9U0YFJRhzWiO_DsD7MiybP6UFK9QNlhBs8TuSwPwNRl9XfVw4K2I8gATcH6PAgmGBIaogXVqJEGANg%3D%3D&request_ab2=96001&zoneid=5491932&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FN8qn7zm%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=cabb323b-a4a3-47f9-bbcf-ab80f7fbedc7&userId=8d9759e8cf274f5e8167b7e23e8ea363&m=link
139.45.197.237200 OK 22 kB URL HTTP/2 taghaugh.com/?rb=xDYIe_o5biVrt3g7dzKJffNNYX15i0FwMctLIzq8_IIW7IUgSgLGHq1jXHfP4gDLnyOCVh3_AMfjuTfXRv1wCabAx04Z3OWGVBFkDQc5_Vebr6m0gLHijva5hPR7mVJyOkT1W09g_StBAqKmqkJQFolj9U0YFJRhzWiO_DsD7MiybP6UFK9QNlhBs8TuSwPwNRl9XfVw4K2I8gATcH6PAgmGBIaogXVqJEGANg%3D%3D&request_ab2=96001&zoneid=5491932&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FN8qn7zm%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=cabb323b-a4a3-47f9-bbcf-ab80f7fbedc7&userId=8d9759e8cf274f5e8167b7e23e8ea363&m=link
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with very long lines (2200)
Hash fac2f9c16c0ca956a8dfd5c78982019f
099096602c46460af82a3921c60d9a9f16a258f1
68f721560ec49515758639366e6c4a3d2e129056c58f24b25b80fce224164381
GET /?rb=xDYIe_o5biVrt3g7dzKJffNNYX15i0FwMctLIzq8_IIW7IUgSgLGHq1jXHfP4gDLnyOCVh3_AMfjuTfXRv1wCabAx04Z3OWGVBFkDQc5_Vebr6m0gLHijva5hPR7mVJyOkT1W09g_StBAqKmqkJQFolj9U0YFJRhzWiO_DsD7MiybP6UFK9QNlhBs8TuSwPwNRl9XfVw4K2I8gATcH6PAgmGBIaogXVqJEGANg%3D%3D&request_ab2=96001&zoneid=5491932&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FN8qn7zm%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=cabb323b-a4a3-47f9-bbcf-ab80f7fbedc7&userId=8d9759e8cf274f5e8167b7e23e8ea363&m=link HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enit.in/
Origin: https://enit.in
Connection: keep-alive
Cookie: OAID=8d9759e8cf274f5e8167b7e23e8ea363; oaidts=1670006155
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:35:56 GMT
content-type: application/json
x-trace-id: 2b5e2d56d1893f2b873f3c71a35f5e18
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8d9759e8cf274f5e8167b7e23e8ea363; expires=Sat, 02 Dec 2023 18:35:56 GMT; path=/; secure; SameSite=None
oaidts=1670006156; expires=Sat, 02 Dec 2023 18:35:56 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 09 Dec 2022 18:35:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-PMDXVPR38M&gtm=2oebu0&_p=889732485&cid=1155457432.1670006155&ul=en-us&sr=1280x1024&_s=1&sid=1670006154&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FN8qn7zm&dt=Loan2Host&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-PMDXVPR38M&gtm=2oebu0&_p=889732485&cid=1155457432.1670006155&ul=en-us&sr=1280x1024&_s=1&sid=1670006154&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FN8qn7zm&dt=Loan2Host&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-PMDXVPR38M&gtm=2oebu0&_p=889732485&cid=1155457432.1670006155&ul=en-us&sr=1280x1024&_s=1&sid=1670006154&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FN8qn7zm&dt=Loan2Host&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://enit.in
date: Fri, 02 Dec 2022 18:35:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
integrityprinciplesthorough.com/sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=933e1d12-323c-4cf2-bce1-9ea726354336%3A3%3A1
173.233.137.60 200 OK 4.1 kB URL HTTP/1.1 integrityprinciplesthorough.com/sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=933e1d12-323c-4cf2-bce1-9ea726354336%3A3%3A1
IP 173.233.137.60:0
File type JSON data\012- , ASCII text, with very long lines (5726), with no line terminators
Hash 0fee96f1e4f5bdca6c3043411f6d3fcf
0d7a49380b93928358c2f5a4d9bfe8bb7de17584
be932a109bad0db13fdcdca6baed108887cd3385302e11791205599b07190481
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=933e1d12-323c-4cf2-bce1-9ea726354336%3A3%3A1 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://enit.in
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15467565; expires=Sat, 03 Dec 2022 18:35:56 GMT; secure; SameSite=None
uid_id2=933e1d12-323c-4cf2-bce1-9ea726354336:3:1; expires=Fri, 09 Dec 2022 18:35:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 18:35:57 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 18:35:57 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 03 Dec 2022 18:35:57 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 03 Dec 2022 18:35:57 GMT; secure; SameSite=None
slec34aa847f855cc91a3510c99f05af9a65=[3760946]; expires=Fri, 02 Dec 2022 18:36:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d4f4db1be24a37aca547907f2a9a522
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d1faadab2ea7470d8583fdd3cb307e4
4828ca0f513f56d98217eeb5ba2a67bb3e43857c
03868b05980b9226076348aaf022333113570beaeb7a2c136dc1d28d107e4ee4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03868B05980B9226076348AAF022333113570BEAEB7A2C136DC1D28D107E4EE4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8955
Expires: Fri, 02 Dec 2022 21:05:12 GMT
Date: Fri, 02 Dec 2022 18:35:57 GMT
Connection: keep-alive
specialistinsensitive.com/pixel/purst?dl=0&th=0&sc=0&rs=3056&rd=3056&fd=812&bv=22.10.v.10&tmpl=136
192.243.59.13 200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/purst?dl=0&th=0&sc=0&rs=3056&rd=3056&fd=812&bv=22.10.v.10&tmpl=136
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3056&rd=3056&fd=812&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9abc24f39564dc848d6bcdefbcdafc7b
b8c7e8e03ebea34dc55cb1edc5821875ef3b8ced
746046171e16c754f1385bee917d0d771988a6cc69bfef15b30af8d773cad83f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "746046171E16C754F1385BEE917D0D771988A6CC69BFEF15B30AF8D773CAD83F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5876
Expires: Fri, 02 Dec 2022 20:13:53 GMT
Date: Fri, 02 Dec 2022 18:35:57 GMT
Connection: keep-alive
integrityprinciplesthorough.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0XPSl7EVTm4EHBmfSP6cy0e1iM2SzBbBJ2V3Kurq6elFPd1VR1T0%2FmFFyQRRRGvHjsvEk2qOvi%2FgGiTvYiUWHHg%2BRgQM8iC8KeZSYDwXfo7%2Fv6fYf33lcf7RdnxEZBT7duqoGQki76Dbv2xrZII1Wa2sadmmM37Ku1bZEuNa%2FW%2BtOP7r3t2H7DfrN2g7OuWnRtx7Yd26mtCs1j1V%2BcsRDZg8BpBHaj6TYcv4m%2B%2Fv9sCguGWoh6Z%2BQliGjy3M5PjyDYGGny7Qo33Vxlb11PCklzpdGLjt5Pu6kqUyQXbawtxOnRfBvKTAj54hJUejR3ANU7mDpAKCbE%2Bt1BmB7NZSLsHZ4rDSV4ijB6AWVvDC7HEHQMpu5CRE8IwCJsbCJN7m8oXdLdc5ZO2QlZePYvRDkhC39cQZo8XJaiX7utZJELlRr04wqiP4bojJEVx8gHFkR5DJZ%2FCBH9ShafrSNNDjaNVBDR6euB53Encty653qs3mSxWw8Zd%2BoBpy13yfObnrc0i0iIMUQ8huRDUHMZhbFQCAtFbKHILCTRaY36QWzbrTiMPa%2FdZIx5HmN%2BeynyI6%2FZjm0UbOphiDwbgskhmN5DpvfQFUPo4geYnQomsmBygl5UoeQEpSEoKUEpCMqcoOxVh5E0rqnuR9IUoTOv7rx61UjlnX16qPIOT8l%2BdkZenAX390IdXX5a85qUtputuO37jAUO9XzHZkEQ2z6NA7rkw4gKwlwCNRYG0yuu%2FIhMTAj5p46QHsPIYzDxCmjxKmg5ark26M6o2bYxSL9hUrCuieVug6kEkaqQ5QvId619eUZengkJmAvOTq49%2FXmKX8B0hUxX%2BEA8JujIe6NbqiQHt1RpyKPNLBeJGNDpdW%2FnNOcLX73Hd0ulo7UVM%2FzyHTYlpu2DO9zk6zSNRNox5OtlEUVcryrNOPluzWzzcKswO8uFTotsfevd1bUk09wYodIxqHjS%2BhxMTMjzN%2Fdm7%2Fa1Tx5D6DF0USEpTsgcEOoYLNuDyU6u%2FXVl8OeNh1dgFIGWFzthZqEsqpF2w4ufUhBIfjHTsILhFxGE%2FOT7p%2BfcvrmHjrZA87tIkwo9XaEnK1A5hCkuj%2FJMn1z7zZsBobRGodTWQSi1%2FOw8WiNOa9yP7ZjbLg%2FjIIxb1I6CuBmENHB4K%2FSpg9xM2MfXP%2F0PAAD%2F%2FwEAAP%2F%2FA%2BGFzo8EAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 integrityprinciplesthorough.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0XPSl7EVTm4EHBmfSP6cy0e1iM2SzBbBJ2V3Kurq6elFPd1VR1T0%2FmFFyQRRRGvHjsvEk2qOvi%2FgGiTvYiUWHHg%2BRgQM8iC8KeZSYDwXfo7%2Fv6fYf33lcf7RdnxEZBT7duqoGQki76Dbv2xrZII1Wa2sadmmM37Ku1bZEuNa%2FW%2BtOP7r3t2H7DfrN2g7OuWnRtx7Yd26mtCs1j1V%2BcsRDZg8BpBHaj6TYcv4m%2B%2Fv9sCguGWoh6Z%2BQliGjy3M5PjyDYGGny7Qo33Vxlb11PCklzpdGLjt5Pu6kqUyQXbawtxOnRfBvKTAj54hJUejR3ANU7mDpAKCbE%2Bt1BmB7NZSLsHZ4rDSV4ijB6AWVvDC7HEHQMpu5CRE8IwCJsbCJN7m8oXdLdc5ZO2QlZePYvRDkhC39cQZo8XJaiX7utZJELlRr04wqiP4bojJEVx8gHFkR5DJZ%2FCBH9ShafrSNNDjaNVBDR6euB53Encty653qs3mSxWw8Zd%2BoBpy13yfObnrc0i0iIMUQ8huRDUHMZhbFQCAtFbKHILCTRaY36QWzbrTiMPa%2FdZIx5HmN%2BeynyI6%2FZjm0UbOphiDwbgskhmN5DpvfQFUPo4geYnQomsmBygl5UoeQEpSEoKUEpCMqcoOxVh5E0rqnuR9IUoTOv7rx61UjlnX16qPIOT8l%2BdkZenAX390IdXX5a85qUtputuO37jAUO9XzHZkEQ2z6NA7rkw4gKwlwCNRYG0yuu%2FIhMTAj5p46QHsPIYzDxCmjxKmg5ark26M6o2bYxSL9hUrCuieVug6kEkaqQ5QvId619eUZengkJmAvOTq49%2FXmKX8B0hUxX%2BEA8JujIe6NbqiQHt1RpyKPNLBeJGNDpdW%2FnNOcLX73Hd0ulo7UVM%2FzyHTYlpu2DO9zk6zSNRNox5OtlEUVcryrNOPluzWzzcKswO8uFTotsfevd1bUk09wYodIxqHjS%2BhxMTMjzN%2Fdm7%2Fa1Tx5D6DF0USEpTsgcEOoYLNuDyU6u%2FXVl8OeNh1dgFIGWFzthZqEsqpF2w4ufUhBIfjHTsILhFxGE%2FOT7p%2BfcvrmHjrZA87tIkwo9XaEnK1A5hCkuj%2FJMn1z7zZsBobRGodTWQSi1%2FOw8WiNOa9yP7ZjbLg%2FjIIxb1I6CuBmENHB4K%2FSpg9xM2MfXP%2F0PAAD%2F%2FwEAAP%2F%2FA%2BGFzo8EAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0XPSl7EVTm4EHBmfSP6cy0e1iM2SzBbBJ2V3Kurq6elFPd1VR1T0%2FmFFyQRRRGvHjsvEk2qOvi%2FgGiTvYiUWHHg%2BRgQM8iC8KeZSYDwXfo7%2Fv6fYf33lcf7RdnxEZBT7duqoGQki76Dbv2xrZII1Wa2sadmmM37Ku1bZEuNa%2FW%2BtOP7r3t2H7DfrN2g7OuWnRtx7Yd26mtCs1j1V%2BcsRDZg8BpBHaj6TYcv4m%2B%2Fv9sCguGWoh6Z%2BQliGjy3M5PjyDYGGny7Qo33Vxlb11PCklzpdGLjt5Pu6kqUyQXbawtxOnRfBvKTAj54hJUejR3ANU7mDpAKCbE%2Bt1BmB7NZSLsHZ4rDSV4ijB6AWVvDC7HEHQMpu5CRE8IwCJsbCJN7m8oXdLdc5ZO2QlZePYvRDkhC39cQZo8XJaiX7utZJELlRr04wqiP4bojJEVx8gHFkR5DJZ%2FCBH9ShafrSNNDjaNVBDR6euB53Encty653qs3mSxWw8Zd%2BoBpy13yfObnrc0i0iIMUQ8huRDUHMZhbFQCAtFbKHILCTRaY36QWzbrTiMPa%2FdZIx5HmN%2BeynyI6%2FZjm0UbOphiDwbgskhmN5DpvfQFUPo4geYnQomsmBygl5UoeQEpSEoKUEpCMqcoOxVh5E0rqnuR9IUoTOv7rx61UjlnX16qPIOT8l%2BdkZenAX390IdXX5a85qUtputuO37jAUO9XzHZkEQ2z6NA7rkw4gKwlwCNRYG0yuu%2FIhMTAj5p46QHsPIYzDxCmjxKmg5ark26M6o2bYxSL9hUrCuieVug6kEkaqQ5QvId619eUZengkJmAvOTq49%2FXmKX8B0hUxX%2BEA8JujIe6NbqiQHt1RpyKPNLBeJGNDpdW%2FnNOcLX73Hd0ulo7UVM%2FzyHTYlpu2DO9zk6zSNRNox5OtlEUVcryrNOPluzWzzcKswO8uFTotsfevd1bUk09wYodIxqHjS%2BhxMTMjzN%2Fdm7%2Fa1Tx5D6DF0USEpTsgcEOoYLNuDyU6u%2FXVl8OeNh1dgFIGWFzthZqEsqpF2w4ufUhBIfjHTsILhFxGE%2FOT7p%2BfcvrmHjrZA87tIkwo9XaEnK1A5hCkuj%2FJMn1z7zZsBobRGodTWQSi1%2FOw8WiNOa9yP7ZjbLg%2FjIIxb1I6CuBmENHB4K%2FSpg9xM2MfXP%2F0PAAD%2F%2FwEAAP%2F%2FA%2BGFzo8EAAA%3D HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=933e1d12-323c-4cf2-bce1-9ea726354336:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0197b0b23ee9a08ea85c65d837a49378
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
45.133.44.4 200 OK 991 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 28276c2df3098fb5123362addf8e8ef0
e985cac572b4ec1e50ce14e21ce3de441df79c4c
508c1d8601deb05aaa8e9a2331ef5175e533371fd3d44468513de84e035cc4a5
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:57 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 02 Dec 2022 19:35:57 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&gjid=1596308655&_gid=354383090.1670006155&_u=YADAAEAAAAAAACAAI~&z=76242840
64.233.165.154 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&gjid=1596308655&_gid=354383090.1670006155&_u=YADAAEAAAAAAACAAI~&z=76242840
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&gjid=1596308655&_gid=354383090.1670006155&_u=YADAAEAAAAAAACAAI~&z=76242840 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://enit.in
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 18:35:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0f3fa70c4b85f9af8be81db15f2473b6
e5dadf573bde48707d00993b7a0301f7303f1a73
ede2da5cda82417700a040d95008b37aa7a30c1eeb053993b82c74fabbff65ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EDE2DA5CDA82417700A040D95008B37AA7A30C1EEB053993B82C74FABBFF65EA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10073
Expires: Fri, 02 Dec 2022 21:23:50 GMT
Date: Fri, 02 Dec 2022 18:35:57 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1670006154221&@k0&@l1&@mLoan2Host&@n0User=445385|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:102815934&@b3:1670006154&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FN8qn7zm%23&@w
149.56.240.27 200 OK 64 B URL HTTP/1.1 s4.histats.com/stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1670006154221&@k0&@l1&@mLoan2Host&@n0User=445385|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:102815934&@b3:1670006154&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FN8qn7zm%23&@w
IP 149.56.240.27:0
File type ASCII text, with no line terminators
Hash 8c61d21041b85b620cc01a08afbe166e
f0f28eedefb5b852a2a497ee373e8b72c630bb85
e1c6b55337fe03f090b1090b8eec3c6e78b4625967ad2eb8182a93d27ea0352e
GET /stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1670006154221&@k0&@l1&@mLoan2Host&@n0User=445385|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:102815934&@b3:1670006154&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FN8qn7zm%23&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 64
Connection: close
integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=93
173.233.137.60 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=93
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=93 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=933e1d12-323c-4cf2-bce1-9ea726354336:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
taghaugh.com/5/5491932
139.45.197.237 200 OK 29 kB IP 139.45.197.237:0
Hash c9abfe85453e04e91de6e7bee952ee5e
434f9144093ee4d83f0412776932782bd695c396
9b8b63b86801b9320711055bf44e0b160dbe57cc1f3920d3c0c606e94d893528
GET /5/5491932 HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:35:55 GMT
content-type: application/javascript
x-trace-id: d5b73f8932427ddcb9bd8c68224c0180
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8d9759e8cf274f5e8167b7e23e8ea363; expires=Sat, 02 Dec 2023 18:35:55 GMT; path=/; secure; SameSite=None
oaidts=1670006155; expires=Sat, 02 Dec 2023 18:35:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
172.64.109.13 200 OK 9.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP 172.64.109.13:0
File type PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Hash 910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:57 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1485827
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkAW2oIqZs8ojyNhe5%2B6hgiC9Oktd3NOMMBRmDcbAsrRMfvjy58jX9bRf7sDecEOP7J85IVDaCUBMskc0XyIvxRHWZZ1D2lqYVEQLJrEZP8XMC%2Fndwrp%2FYcslCmeFabfCvZlaLfQ2E4D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77362a54acd4751d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&_u=YADAAEAAAAAAACAAI~&z=2130020246
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&_u=YADAAEAAAAAAACAAI~&z=2130020246
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&_u=YADAAEAAAAAAACAAI~&z=2130020246 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 18:35:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.140.24 200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.140.24:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 249d5bb8f8d5fd948efc1354d88c6817
7c912d3b06643207404fedefff09fafa13366c0d
f3bfe89639b988ecb00f0cfee2f14749541d67e96bd6b6308d6e934031db1352
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:56 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7d743cf7e69a80edded31cb7f1fb4ba4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 02 Dec 2022 18:35:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvDRZoLPU2pq7agudsovAjhPHjBNmZIcjiEXgNuD7Uu7DDVIlE%2BlA9keCn8fnpfUBmSIqOGQW%2B6FlODqLSttfWZGJ40Rj%2FHjsVWzea8cLgxO0f%2BD6Yt4VAgvy%2BHoOnGsX9S18ZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77362a4bbefb7300-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
172.64.109.13 200 OK 1.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP 172.64.109.13:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash ec95c11f02dd3771cc03b8d809a4e7d3
868d249e1b169efed5da24537548e846b6f2f8da
3c9f31a7838014811255402d34f582bf07d76904341cd721c24da992970be849
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:57 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1485827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BfsS3pmzy%2B92%2FyN50TYZUYmmAsWfexaecgkRQLJpOqPyOgysEJKYY0KruhuOaJkwmJN1TXjLuPWLsAyIC6IHAYFUJ172Mepxr%2FZKnUJ2tMyG3sZiNf8ODMy3SpXfhA2KA%2F94PMwacy5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77362a54acd3751d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=122
173.233.137.60 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=122
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=122 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=933e1d12-323c-4cf2-bce1-9ea726354336:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=33
173.233.137.60 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=33
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=33 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=933e1d12-323c-4cf2-bce1-9ea726354336:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
Hash 2bf90cb0b9136daa6517f33a94e08ec8
115649c4fdc08ee1115e281e1bd12bb79c4285b3
1c317f4588c9eb0fe11e7fe550f6668ccc83c5fff64698bd7c6d5894a40baa4f
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 18:35:57 GMT
date: Fri, 02 Dec 2022 18:35:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
integrityprinciplesthorough.com/pixel/sbs?c=1
173.233.137.60 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbs?c=1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=933e1d12-323c-4cf2-bce1-9ea726354336:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
integrityprinciplesthorough.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTtaLnpRcBJU5eFBwZ%2FvnzrQ5BGN%2BEMwvkkjO1VXVs%2BVUdzVV3dOzc1oMSBCFES8ee99ssqgxmD9A1NlcZFXIeJA9uKBnkYCQs8zswOI79Pd9%2Fb7De%2B%2Brj7arQ%2BKiogfXr%2BiRVIquRW239cZtmXNd29bVWy3PbbunW7dlvh6ebg3nHzN423Ojtvtm66Jgfb3mu57req7XuiCNSPVwbcFCFg9irx277dBve1GIofn%2FbCsHljrgg0PyEiSfPbfx0yNINkWefXtO2H6pi7fOZ5WipTYY8N33836u6xzZcZsaB2m%2Bu9yGtjNCvjgBne8uHUAPduYOkMgZcX73kOS7S5lIBveOlCYKIkfCX0A9mEKoKSSdguk7kPwJARjH1WvIs%2FtXtanp5hFL5%2ByMrDz7F7KekZU%2FTiHPHp5Vcti6qVVVSp1bDNMGcjiF7E1RVHsoRw5kvQdWfgjJfyVrzy4jz3auWaUh%2BcHrcRAIj3v%2BauAHbDVkqb%2BaMOGtxoJ2%2FPUgCoNgfRGRlFPIdAolxqD2JCrroJIOqtRBVTjI%2BEGLRnHqup00SYOgGzLGgoCxqLvOIx6E3dRFxeYexiiLMZgag5ktFGYLfTmGqX6A3WhguQNbEgx4g1oQ1JagpgS1JKhLgnrQ3OPK%2Bra5z5WtEm9Z%2FWUNmokue9v0ni57IifbxSF5cRHc3yur6IuDVhBS2g07aTeKGIs9GkSey%2BI4dSOaxnQ9gpUNpD0Bah2M5lc89yMKOSPkn1UkdA9W7YHJV0CrV0HrScd3QTcmYdfFKP%2BGKcn6NlWbbaYzcN2gKFdQbjrb6pC8vBASMx%2BC7Z95%2BvMcv4CZBoVp8IF8TNBTdyc3dE12bujakkfXilJmckTn171Z0lKsfPWe2Ky14ZfO2fGX77A5MW8f3BK2vExzLvOeJV%2BflZwLc0EbJsh3l%2BxtkVyv7MbZyuRVcfn6uxcuZYUR1kqdT0Hlk87nYHJGnr%2BytXi3r33yGNJMYaoGWbVPloDUe2DFFmyxf%2BavU6M%2FLz48BasJjDreSQoHddVMjJ8c%2F1SSQInjmSYNrDiOIBH73z894rbtXfSMA1reQZ41GJgGA9WAqjFsdXJSFmb%2FzG%2FBAkiUM0mUcXYSZdRnR9FaedCKvFB0k26HcZ4Ixr2OH3QD1%2FU5Dzux8GKUdsY%2BPv%2FpfwAAAP%2F%2FAQAA%2F%2F8X6QsojwQAAA%3D%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 integrityprinciplesthorough.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTtaLnpRcBJU5eFBwZ%2FvnzrQ5BGN%2BEMwvkkjO1VXVs%2BVUdzVV3dOzc1oMSBCFES8ee99ssqgxmD9A1NlcZFXIeJA9uKBnkYCQs8zswOI79Pd9%2Fb7De%2B%2Brj7arQ%2BKiogfXr%2BiRVIquRW239cZtmXNd29bVWy3PbbunW7dlvh6ebg3nHzN423Ojtvtm66Jgfb3mu57req7XuiCNSPVwbcFCFg9irx277dBve1GIofn%2FbCsHljrgg0PyEiSfPbfx0yNINkWefXtO2H6pi7fOZ5WipTYY8N33836u6xzZcZsaB2m%2Bu9yGtjNCvjgBne8uHUAPduYOkMgZcX73kOS7S5lIBveOlCYKIkfCX0A9mEKoKSSdguk7kPwJARjH1WvIs%2FtXtanp5hFL5%2ByMrDz7F7KekZU%2FTiHPHp5Vcti6qVVVSp1bDNMGcjiF7E1RVHsoRw5kvQdWfgjJfyVrzy4jz3auWaUh%2BcHrcRAIj3v%2BauAHbDVkqb%2BaMOGtxoJ2%2FPUgCoNgfRGRlFPIdAolxqD2JCrroJIOqtRBVTjI%2BEGLRnHqup00SYOgGzLGgoCxqLvOIx6E3dRFxeYexiiLMZgag5ktFGYLfTmGqX6A3WhguQNbEgx4g1oQ1JagpgS1JKhLgnrQ3OPK%2Bra5z5WtEm9Z%2FWUNmokue9v0ni57IifbxSF5cRHc3yur6IuDVhBS2g07aTeKGIs9GkSey%2BI4dSOaxnQ9gpUNpD0Bah2M5lc89yMKOSPkn1UkdA9W7YHJV0CrV0HrScd3QTcmYdfFKP%2BGKcn6NlWbbaYzcN2gKFdQbjrb6pC8vBASMx%2BC7Z95%2BvMcv4CZBoVp8IF8TNBTdyc3dE12bujakkfXilJmckTn171Z0lKsfPWe2Ky14ZfO2fGX77A5MW8f3BK2vExzLvOeJV%2BflZwLc0EbJsh3l%2BxtkVyv7MbZyuRVcfn6uxcuZYUR1kqdT0Hlk87nYHJGnr%2BytXi3r33yGNJMYaoGWbVPloDUe2DFFmyxf%2BavU6M%2FLz48BasJjDreSQoHddVMjJ8c%2F1SSQInjmSYNrDiOIBH73z894rbtXfSMA1reQZ41GJgGA9WAqjFsdXJSFmb%2FzG%2FBAkiUM0mUcXYSZdRnR9FaedCKvFB0k26HcZ4Ixr2OH3QD1%2FU5Dzux8GKUdsY%2BPv%2FpfwAAAP%2F%2FAQAA%2F%2F8X6QsojwQAAA%3D%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTtaLnpRcBJU5eFBwZ%2FvnzrQ5BGN%2BEMwvkkjO1VXVs%2BVUdzVV3dOzc1oMSBCFES8ee99ssqgxmD9A1NlcZFXIeJA9uKBnkYCQs8zswOI79Pd9%2Fb7De%2B%2Brj7arQ%2BKiogfXr%2BiRVIquRW239cZtmXNd29bVWy3PbbunW7dlvh6ebg3nHzN423Ojtvtm66Jgfb3mu57req7XuiCNSPVwbcFCFg9irx277dBve1GIofn%2FbCsHljrgg0PyEiSfPbfx0yNINkWefXtO2H6pi7fOZ5WipTYY8N33836u6xzZcZsaB2m%2Bu9yGtjNCvjgBne8uHUAPduYOkMgZcX73kOS7S5lIBveOlCYKIkfCX0A9mEKoKSSdguk7kPwJARjH1WvIs%2FtXtanp5hFL5%2ByMrDz7F7KekZU%2FTiHPHp5Vcti6qVVVSp1bDNMGcjiF7E1RVHsoRw5kvQdWfgjJfyVrzy4jz3auWaUh%2BcHrcRAIj3v%2BauAHbDVkqb%2BaMOGtxoJ2%2FPUgCoNgfRGRlFPIdAolxqD2JCrroJIOqtRBVTjI%2BEGLRnHqup00SYOgGzLGgoCxqLvOIx6E3dRFxeYexiiLMZgag5ktFGYLfTmGqX6A3WhguQNbEgx4g1oQ1JagpgS1JKhLgnrQ3OPK%2Bra5z5WtEm9Z%2FWUNmokue9v0ni57IifbxSF5cRHc3yur6IuDVhBS2g07aTeKGIs9GkSey%2BI4dSOaxnQ9gpUNpD0Bah2M5lc89yMKOSPkn1UkdA9W7YHJV0CrV0HrScd3QTcmYdfFKP%2BGKcn6NlWbbaYzcN2gKFdQbjrb6pC8vBASMx%2BC7Z95%2BvMcv4CZBoVp8IF8TNBTdyc3dE12bujakkfXilJmckTn171Z0lKsfPWe2Ky14ZfO2fGX77A5MW8f3BK2vExzLvOeJV%2BflZwLc0EbJsh3l%2BxtkVyv7MbZyuRVcfn6uxcuZYUR1kqdT0Hlk87nYHJGnr%2BytXi3r33yGNJMYaoGWbVPloDUe2DFFmyxf%2BavU6M%2FLz48BasJjDreSQoHddVMjJ8c%2F1SSQInjmSYNrDiOIBH73z894rbtXfSMA1reQZ41GJgGA9WAqjFsdXJSFmb%2FzG%2FBAkiUM0mUcXYSZdRnR9FaedCKvFB0k26HcZ4Ixr2OH3QD1%2FU5Dzux8GKUdsY%2BPv%2FpfwAAAP%2F%2FAQAA%2F%2F8X6QsojwQAAA%3D%3D HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=933e1d12-323c-4cf2-bce1-9ea726354336:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec34aa847f855cc91a3510c99f05af9a65=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 18:35:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d086d7082fea5f844d28cac7e9530a1e
Strict-Transport-Security: max-age=0; includeSubdomains
stats.vlitag.com/abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound
104.22.59.199 404 Not Found 16 B URL HTTP/2 stats.vlitag.com/abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound
IP 104.22.59.199:0
File type ASCII text, with no line terminators
Hash 1115f7a1093f138d54aef2fefb4b750d
b3c623dd30ea8c0bfc35e00c382015cac36df6e5
210c99832d53c42821ce060195b55fbb5d1f7842513016adf1f32d808ed5ea64
GET /abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound HTTP/1.1
Host: stats.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 02 Dec 2022 18:35:58 GMT
content-type: text/plain; charset=utf-8
content-length: 16
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77362a56fba7b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 77a6b6638e0ee5ec4eeb988d3d3af050
219272781fc7a6ac331496b257c7976daa7b62de
d3092d8548c448fab08751eb00cce0ffb883786084d77320da1e0a858b70c5cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3092D8548C448FAB08751EB00CCE0FFB883786084D77320DA1E0A858B70C5CB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1947
Expires: Fri, 02 Dec 2022 19:08:25 GMT
Date: Fri, 02 Dec 2022 18:35:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 77a6b6638e0ee5ec4eeb988d3d3af050
219272781fc7a6ac331496b257c7976daa7b62de
d3092d8548c448fab08751eb00cce0ffb883786084d77320da1e0a858b70c5cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3092D8548C448FAB08751EB00CCE0FFB883786084D77320DA1E0A858B70C5CB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1947
Expires: Fri, 02 Dec 2022 19:08:25 GMT
Date: Fri, 02 Dec 2022 18:35:58 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lPMK3rCZ68Y
IP 142.250.74.131:0
Hash fa07c088eb616fd60f63e27719bc3284
c36d48bb31be6c0e05e1d275c0d1e5b9c8125f0e
750c2ededbce83d50a2322ab054c8650d77d521053306447f40d55b6e40a57d7
POST /s/gts1p5/lPMK3rCZ68Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&_u=YADAAEAAAAAAACAAI~&z=2130020246
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&_u=YADAAEAAAAAAACAAI~&z=2130020246
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110155808-1&cid=1155457432.1670006155&jid=1171338775&_u=YADAAEAAAAAAACAAI~&z=2130020246 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 18:35:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=933e1d12-323c-4cf2-bce1-9ea726354336&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=933e1d12-323c-4cf2-bce1-9ea726354336&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=933e1d12-323c-4cf2-bce1-9ea726354336&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 18:35:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d7d4f29ec4953597c0aa88926eeee70
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=933e1d12-323c-4cf2-bce1-9ea726354336&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=250c944ba40284021e738ce5e5482313&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=933e1d12-323c-4cf2-bce1-9ea726354336&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=250c944ba40284021e738ce5e5482313&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=933e1d12-323c-4cf2-bce1-9ea726354336&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=250c944ba40284021e738ce5e5482313&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 18:35:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2d71dfef002ebaa3a6da4e317b3626ba
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tzegilo.com/stattag.js
104.21.84.149 200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:56 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fQBLolwp7sgX65EF%2B0XizlSPOgkB0kW1A3C0H8%2BVSqlRtlPvrv4yrQdZ1w8USDeAT5XGKLf5pF5PIvaOCSfJZmFFJHArHXa9%2Be1yz4CvKb9bRzPiSAMilPb9Xm2Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77362a4b9904b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:57 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 24670
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeENHTLzRSXAdMIaAaFsoDq8PZauFCKCL0YO6pjitWpfVq6t1wkAok53AL%2BQN5iiJf0sdg4bfjpx5uEvN0bBb13wFFFBDOvmH%2BnFgUIenu%2FQmBFYcK%2BySRRJ76%2FxR1ynYWb6%2FYqISLaG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77362a540be9751d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:57 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 116509
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG%2F5oCebtKxcsTkj569Yg0dco78S75kBaY96YQ3jkXYirc3rFcam3%2B1en4%2B0FgGs5%2Fh5YP9EQ1akmIzOTfN%2FfbkhA9HCLwS5P6BUHZsRjIBj4fDzuJGtR5OunqTOQCVu1SP8ROA%2FWDqx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77362a542c28751d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:57 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1485827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL9g6Mn%2F0rEH848T4BIxGnwj9jo6AZcVS5mmw%2BsRv%2BvRsqS3TYIU4b28vZEh%2BNpoAccf4rt9GUL5aWpTRuReDmcAkR6nuukhymHuK%2BvV5P3NqMZDbG19e9hANTprP%2FTdqQZV4fJexFOh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77362a54ace8751d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:35:57 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:36 GMT
etag: W/"612f708c-7082"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 283930
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFdxlqKxbsmfK8Tekpfyn0Kwl%2Fy6fO8MuiJZs2w7%2FO36GkdU%2F3bef9Szc2SY1NrMlUP7HrYdX8XTDabfdkJJvRuYXb9mvdO1H%2FMfMW14HWJkbI7tDoccHaNDAl29GAsthfHLqJPBEKgT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77362a55ae34751d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2