blockventilaion.cn/hrvatskitelekom/tb.php?ut=is1667759019885
104.21.64.22200 OK 573 B URL HTTP/1.1 blockventilaion.cn/hrvatskitelekom/tb.php?ut=is1667759019885
IP 104.21.64.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (549), with CRLF line terminators
Hash e2ed353e096be955e74f6562d864300d
62adbc8e01448af99028fce277ccc682c15dfb21
6b2cc38bf054894284d0889beb0a84635b1b2f1b3c117ae4bbfb7bfc0e9feffc
GET /hrvatskitelekom/tb.php?ut=is1667759019885 HTTP/1.1
Host: blockventilaion.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 21:20:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0G%2FIQi3sNcJX3a%2BWsp%2FObEy2zYVET9KOpsz1cidzYTjYKBMiIoR81fUhGq2MBL6vkodhSVMao%2FijcR8wGLFS5hocn1aKeD6FxrV6%2BRjmX%2BsK2BestddMetrKJqJsui0n9Z2bTM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772ede1849c50af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8306
Expires: Thu, 01 Dec 2022 23:39:00 GMT
Date: Thu, 01 Dec 2022 21:20:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2319
Cache-Control: max-age=136157
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:34 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:09:51 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6391
Expires: Thu, 01 Dec 2022 23:07:05 GMT
Date: Thu, 01 Dec 2022 21:20:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 21:19:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 45
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GtTj09pUFSLxljU0259Y5pre7pwMXo25rn22POrEkc9cqJ5/SLa5wPUcdQBsqJ8bscEM4R5NcwB6lnh9FSs0yA==
x-amz-request-id: 6GQWKNWYWBCSR620
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 20:46:26 GMT
age: 2048
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:20:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
blockventilaion.cn/favicon.ico
104.21.64.22200 OK 455 B URL HTTP/1.1 blockventilaion.cn/favicon.ico
IP 104.21.64.22:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
GET /favicon.ico HTTP/1.1
Host: blockventilaion.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blockventilaion.cn/hrvatskitelekom/tb.php?ut=is1667759019885
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 21:20:35 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdZTeNVVVFrd3e629wR4V63FxWrzc4FHKrLi7oEhLCDx%2FIHr32njsaGQMBOrTAPCur%2BJ3l7yW7H%2FQImIZ59kWqzmoKXYNJsco0Qe1PS35TzVNmzhw%2FxDfujhmSrDK2tVPzgrQaY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772ede1abc890af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
blockventilaion.cn/j/og2.js?_t=1669929633530
104.21.64.22200 OK 942 B URL HTTP/1.1 blockventilaion.cn/j/og2.js?_t=1669929633530
IP 104.21.64.22:0
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
Analyzer Verdict Alert fortinet Phishing
GET /j/og2.js?_t=1669929633530 HTTP/1.1
Host: blockventilaion.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blockventilaion.cn/hrvatskitelekom/tb.php?ut=is1667759019885
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 21:20:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Fri, 02 Dec 2022 09:20:35 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pizJTIxwB%2Fn%2FSYh1C7Y5GGD7PuwR4vgFgiz9Ey%2BGlSJfsBloip3O0CtmIsHgNvBA8mZdoDdSKPDX4OxwX5sjPl9UkFGlIt518%2Ft39Y8jzp8fYoE7VWxMIdLKLXiHmBNVtOa8Iss%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772ede1b7dbd0af6-OSL
alt-svc: h2=":443"; ma=60
blockventilaion.cn/j/og2.php?_t=1669929633609
104.21.64.22200 OK 105 B URL HTTP/1.1 blockventilaion.cn/j/og2.php?_t=1669929633609
IP 104.21.64.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a6e65f0b31b85e67d5045e3c0558877f
fd2579c2285c6810f75d81b1fafe986aa86a6b1b
cd665b462f001f01021fe95d2eaeba82d472f474c41926cd70c8acc7a8ee1d12
Analyzer Verdict Alert fortinet Phishing
POST /j/og2.php?_t=1669929633609 HTTP/1.1
Host: blockventilaion.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 54
Origin: http://blockventilaion.cn
Connection: keep-alive
Referer: http://blockventilaion.cn/hrvatskitelekom/tb.php?ut=is1667759019885
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 21:20:35 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLQMd%2BNubHHL%2B3h9yCDmia2JczuGZG%2FzpTIJoE1JVWMhxNvAK9uSojxprU82x05S%2FIMBia4Oskf9WAOAlG0zfkLRdNEVbPaOJJYOGlFZqYz3Vy0mH%2F37algiV8PKD6VK%2BR7tmTA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772ede1bfe560af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16bf212f733c5b163785edad6803e4d2
b1bbc9db24db8bd79b11f6eebf5182352a100486
4f7a13e4cbf34f223624a6d33aca3835f625e51e633841fb05e9715955f3f302
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F7A13E4CBF34F223624A6D33ACA3835F625E51E633841FB05E9715955F3F302"
Last-Modified: Tue, 29 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Thu, 01 Dec 2022 22:05:22 GMT
Date: Thu, 01 Dec 2022 21:20:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16bf212f733c5b163785edad6803e4d2
b1bbc9db24db8bd79b11f6eebf5182352a100486
4f7a13e4cbf34f223624a6d33aca3835f625e51e633841fb05e9715955f3f302
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F7A13E4CBF34F223624A6D33ACA3835F625E51E633841FB05E9715955F3F302"
Last-Modified: Tue, 29 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Thu, 01 Dec 2022 22:05:22 GMT
Date: Thu, 01 Dec 2022 21:20:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 21:11:15 GMT
cache-control: public,max-age=3600
age: 560
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
151.101.193.229200 OK 2.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
IP 151.101.193.229:0
File type ASCII text, with very long lines (16263)
Hash bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341
GET /npm/select2@4.1.0-rc.0/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Dec 2022 21:20:35 GMT
age: 21350142
x-served-by: cache-fra19146-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2162
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
151.101.193.229200 OK 21 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
IP 151.101.193.229:0
File type ASCII text, with very long lines (65317)
Hash b5ae87c0e4dd241b533e67053b0b719d
6b7b568694a95d81a94dea9ef7a85d1317d448dc
5bae5997fbca925ac6e52be8163ca897e751fcc9331552e0f77a22dd35b64521
GET /npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.1.1
x-jsd-version-type: version
etag: W/"189ae-CRAs/GDvtDCiXul87ppqNd9t/Fk"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Dec 2022 21:20:35 GMT
age: 2585748
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20556
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2312
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:35 GMT
Last-Modified: Thu, 01 Dec 2022 20:42:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 1.2 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash aee428d91cdbcec066d273b370db30b4
fa13e5363a0c51d430c3905abb3e4923625322aa
6d82638ef22f72ae2edc059c36f74768c8dcdc0d1dfde0e8ac217b68eb387216
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57AD9EDC4D5EB1F0D6B58D25B50E54FED16B8E6D656B212006F3E0ECAE73072E"
Last-Modified: Tue, 29 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14089
Expires: Fri, 02 Dec 2022 01:15:24 GMT
Date: Thu, 01 Dec 2022 21:20:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ea2fc44bed758d2ec6c08e38212322ff
8bb9b1346e750bb3acfe998140b7fdd753a6623a
bd65b627bdece53af78c91753a2fbda2f96f058c7f763746a3d36eee63fb3259
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3532
Cache-Control: max-age=161144
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:35 GMT
Etag: "6388df4f-118"
Expires: Sat, 03 Dec 2022 18:06:19 GMT
Last-Modified: Thu, 01 Dec 2022 17:07:27 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ea2fc44bed758d2ec6c08e38212322ff
8bb9b1346e750bb3acfe998140b7fdd753a6623a
bd65b627bdece53af78c91753a2fbda2f96f058c7f763746a3d36eee63fb3259
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3532
Cache-Control: max-age=161144
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:35 GMT
Etag: "6388df4f-118"
Expires: Sat, 03 Dec 2022 18:06:19 GMT
Last-Modified: Thu, 01 Dec 2022 17:07:27 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ea2fc44bed758d2ec6c08e38212322ff
8bb9b1346e750bb3acfe998140b7fdd753a6623a
bd65b627bdece53af78c91753a2fbda2f96f058c7f763746a3d36eee63fb3259
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3956
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:35 GMT
Etag: "63878dc2-117"
Last-Modified: Thu, 01 Dec 2022 20:14:39 GMT
Server: ECS (amb/6B94)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 192308a99b557bed384aecc29e85f66b
0943c11e5b7fca30176cdde5e1fc19553b0ab3e8
b59fee4ddee8362fc93d3d3b159a3bc0d541099db4deb6837ed4baa587ff73ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B59FEE4DDEE8362FC93D3D3B159A3BC0D541099DB4DEB6837ED4BAA587FF73FF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7859
Expires: Thu, 01 Dec 2022 23:31:34 GMT
Date: Thu, 01 Dec 2022 21:20:35 GMT
Connection: keep-alive
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 39a8b61a96149e34c4149d9d75c5735e
d78868f2a60a6af9606195268a351163f9945732
9a699e9a4156cbf31f5470da7e4f3dfaccb550592d702292d339a4cd7c9009b4
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 21:20:35 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "16AE36117769D568E97C017001BE8F880461BE29"
Expires: Fri, 02 Dec 2022 09:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 433
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772ede20692eb524-OSL
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 8acb712a8b8ec5915a6d6794f9d36465
3ce4a67716bd4116363564dffd8fe5de866f3c13
c2c9fa4f61a93e441c8330a4d54999e6b4049f38ca28a60828b528713c638ab1
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 21:20:35 GMT
expires: Thu, 01 Dec 2022 21:20:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 20808854be04c8c0319a9a9fe14cad2b
f4a3ae7d88208261809d578cbd73b3fc6064bff5
c963dde44d370cd0e6defdbb7c77aa4415bc006c13684121c169ac79ba68d6f0
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 21:20:35 GMT
expires: Thu, 01 Dec 2022 21:20:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.214.17.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mnVEZNnvfQbAlhPSC0ImQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kRfeZ4aYkTOyBnkSE0hP3jcI6RU=
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 428a6c91781ed77dcb36446187640251
de2bba6df22314219989305f8cc63dd046efc8f1
23696e5d9c9790acd5c94f8c85fb3fd27cafbef51f0077401296ebebdb3567b8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "23696E5D9C9790ACD5C94F8C85FB3FD27CAFBEF51F0077401296EBEBDB3567B8"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1451
Expires: Thu, 01 Dec 2022 21:44:47 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 428a6c91781ed77dcb36446187640251
de2bba6df22314219989305f8cc63dd046efc8f1
23696e5d9c9790acd5c94f8c85fb3fd27cafbef51f0077401296ebebdb3567b8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "23696E5D9C9790ACD5C94F8C85FB3FD27CAFBEF51F0077401296EBEBDB3567B8"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1390
Expires: Thu, 01 Dec 2022 21:43:46 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60cee9ed8ebd8be24c38a929bd001dc2
a85a8e421568c14d3679381dd2fe0c62d497fc99
2538f0c7a07580d5da2d741870531b69d67c95c61c7c162d345ca84eedef944c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2538F0C7A07580D5DA2D741870531B69D67C95C61C7C162D345CA84EEDEF944C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=994
Expires: Thu, 01 Dec 2022 21:37:10 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60cee9ed8ebd8be24c38a929bd001dc2
a85a8e421568c14d3679381dd2fe0c62d497fc99
2538f0c7a07580d5da2d741870531b69d67c95c61c7c162d345ca84eedef944c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2538F0C7A07580D5DA2D741870531B69D67C95C61C7C162D345CA84EEDEF944C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3310
Expires: Thu, 01 Dec 2022 22:15:46 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60cee9ed8ebd8be24c38a929bd001dc2
a85a8e421568c14d3679381dd2fe0c62d497fc99
2538f0c7a07580d5da2d741870531b69d67c95c61c7c162d345ca84eedef944c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2538F0C7A07580D5DA2D741870531B69D67C95C61C7C162D345CA84EEDEF944C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1003
Expires: Thu, 01 Dec 2022 21:37:19 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
cdnkey.net/upload/Sasha%20Pieterse.jpg
188.114.96.1200 OK 32 kB URL HTTP/2 cdnkey.net/upload/Sasha%20Pieterse.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash d9cc3b86152bb84447f2c4f3ead72edd
2f8259daa028a7ac3fa7bba75cb318661c206249
8f63316250888fe7082064217ce59dfd7bd1afa8db430cf9c52ed698fe9c4d00
GET /upload/Sasha%20Pieterse.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 31593
x-guploader-uploadid: ADPycdusxMQdQP6sypnu8UWGQJbQUzYerIT56STiOJFoCOqwtEo7fTxe6OXZBd_BjBFDK5_Gq2YcYzQxLDf4XMkSh3n5BelC7jjo
expires: Thu, 01 Dec 2022 20:12:34 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:41 GMT
etag: "d9cc3b86152bb84447f2c4f3ead72edd"
x-goog-generation: 1662378641062323
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 31593
x-goog-hash: crc32c=2IdMGw==, md5=2cw7hhUruERH8sTz6tcu3Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQmk%2Fi4KHZD1h1u%2BciJ9qW3E%2B%2BiQY%2F1RA%2Bslrhu9%2BB9mHiUk88fHPRakq%2BqT7I2Qub0v01mn7TAe6NcaAeiYdJq3%2Bs%2Fr6po7bfnv0ccJaP7hinOOTxLA2HgPMye0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede21fb950b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/Sharon%20Kalifa.jpg
188.114.96.1200 OK 26 kB URL HTTP/2 cdnkey.net/upload/Sharon%20Kalifa.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 23c9827b9aebc5b81df47764d1e0d911
5930d34351242bec181f07f2f3a8f00b80a39dd2
dd02eeb72de57c36cf71017c3f79ae3b4dac32d3752a5ebf8d453a8697840235
GET /upload/Sharon%20Kalifa.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 25800
x-guploader-uploadid: ADPycds4v8V6u50LJ-BpA8unnwQWFxd7zZ12Jz-b_APL2KQulopkcsvxA0GBjPjLGKZLW_Jqtbw94QaG2HpiJe8fLaImBrjqLHq-
expires: Thu, 01 Dec 2022 22:10:21 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:41 GMT
etag: "23c9827b9aebc5b81df47764d1e0d911"
x-goog-generation: 1662378641087615
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 25800
x-goog-hash: crc32c=pVNA5w==, md5=I8mCe5rrxbgd9Hdk0eDZEQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAdiDT81TQSduqoAkkGoSAQA6c2D64z9VAp5svCIuiT1GdyPXC3sEZVIo1TSjDRPUFwtzpG4M0G7%2B4Cu4qEzKk0%2BXy5ifZe5mSykJFbRdEnmkZ%2Bb6wQrl6LMiPUh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede21fb9d0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/Pierre%20Renaudin.jpg
188.114.96.1200 OK 22 kB URL HTTP/2 cdnkey.net/upload/Pierre%20Renaudin.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 8f63e05228dc94b4f5091a84c9b4168d
4b2d1fe92d6461bb7e39415cf3c8af4fa104791e
9fbff31d3ad789f22276cc030afe35e67e10928db0ff2f384fcedc30ab48ae21
GET /upload/Pierre%20Renaudin.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 21791
x-guploader-uploadid: ADPycdvZbYAyaU0QP3B5ibQ1V19jY_fkV01JrZ14oPNuH-yz31ztvnGyQKBf5n1D1QS7CZ_q88TWH5lwuvdCgfqrDcmmbTsv5bml
expires: Thu, 01 Dec 2022 20:09:40 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:39 GMT
etag: "8f63e05228dc94b4f5091a84c9b4168d"
x-goog-generation: 1662378639925450
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21791
x-goog-hash: crc32c=bXAAZg==, md5=j2PgUijclLT1CRqEybQWjQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRhdwS8UJqxH6%2BgL8jd7jM4BYfj6LFSsYbit20W1KuzyNkKL9WUEsEFg5x9Fn6TGDPaOhVQV9OuxL5rH0sJEL%2F69jPRGvQHvSglNzrFOMo0va4Hn%2BrHyH%2F9CDs6p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede21fba00b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/Jennifer%20Fourcaulx.jpg
188.114.96.1200 OK 32 kB URL HTTP/2 cdnkey.net/upload/Jennifer%20Fourcaulx.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash a4327c59929252ace5b9aed35efa33fb
e8c3841813de3fe99085da0d02b12f9c781b6107
9142a09b09418c8705cbef9ba7d9920ee1d31f7ec681df8b0faaf39a896efea6
GET /upload/Jennifer%20Fourcaulx.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 31965
x-guploader-uploadid: ADPycdv9EzDG8EFdQSdGOlnnUE_LN5Kul3pSFUvIxWcAqZIrSICML5kJHQNYG1UxJOCXuyPS3b6VQMnDPsRp9R1gRV9gcfXzGLgi
expires: Thu, 01 Dec 2022 21:56:19 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:38 GMT
etag: "a4327c59929252ace5b9aed35efa33fb"
x-goog-generation: 1662378638883882
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 31965
x-goog-hash: crc32c=CEl9ew==, md5=pDJ8WZKSUqzlua7TXvoz+w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bii6oFEdk4WIc%2FvG3f3nsjOPh7wF6Z%2FO4FRd%2BGZ6dNtZiWoweLXcy%2BgD84Ba6%2FOtVRAHNReWXkGi2O6HmBqzXcrsoqKVuyli30oFKJ0H3qhfvmvjGQT27APCXQ2x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede21fb9c0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/Sarah%20Belli.jpg
188.114.96.1200 OK 16 kB URL HTTP/2 cdnkey.net/upload/Sarah%20Belli.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash a0a0a8e5df2a3013b2a9c46045f4d1e5
5de61b171986a6739fc18ff2dbc159ef14b716ed
4f5fdc4238663f38e62a441654ba94baeb21a0f5145a2dadb4d89c80afe12732
GET /upload/Sarah%20Belli.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 16424
x-guploader-uploadid: ADPycduPz-YAsOFiWEGKrYe6Wjz0crei4cAesqLCjMpwYMwgG9XW0pWGAp17VVlVZWy-W31em3tC1dkOrYpL_6KNwPNp3Zh2b7bT
expires: Thu, 01 Dec 2022 21:05:36 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:40 GMT
etag: "a0a0a8e5df2a3013b2a9c46045f4d1e5"
x-goog-generation: 1662378640959698
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16424
x-goog-hash: crc32c=g7EkQA==, md5=oKCo5d8qMBOyqcRgRfTR5Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifOTbSUxJiNu28F5OTKf8%2B4UnePlGKWnDaFPi6mgO9EEkrIKo0%2Fn%2FIAPUOF59swiBy4%2Ffngx5mC60c0d40drRMN%2F5w4jnSnb10L2xXCDz8KzUawWzB721LivQCyF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede21fba40b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/R%C3%A9gis%20Laurencin.jpg
188.114.96.1200 OK 37 kB URL HTTP/2 cdnkey.net/upload/R%C3%A9gis%20Laurencin.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 297x300, components 3\012- data
Hash bdb898e634c09b5780ce35699139cbf4
fde6d594d1ea63e51a323b2e24e4a568220308dd
509599676e6812591ba1dfa66039d44520db43f495404415819947d40b5b7081
GET /upload/R%C3%A9gis%20Laurencin.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 37056
x-guploader-uploadid: ADPycdtazXbdmzd-cjDbwmXrv67Y7EXxKXZOI2DnNJ4G32BasShfKFB8J8fM3RiF0SaVOGedGvPbK0TwJrLnuCchW5Mo7klT0eJh
expires: Thu, 01 Dec 2022 22:05:36 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:40 GMT
etag: "bdb898e634c09b5780ce35699139cbf4"
x-goog-generation: 1662378639971154
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37056
x-goog-hash: crc32c=GQMV+g==, md5=vbiY5jTAm1eAzjVpkTnL9A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WoPP8wgmRdAbkBLdsZ%2Bn%2BV8L7Q6FipxnPlgPiVflUDUozPT%2BKNXGTndy8eKeweAJeXyYXN5l9b2ZOk8K568UKCRSOMxytnsvGCTXh9m%2FeUHkgubByLyLKpL0WpC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede220bbb0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ea2fc44bed758d2ec6c08e38212322ff
8bb9b1346e750bb3acfe998140b7fdd753a6623a
bd65b627bdece53af78c91753a2fbda2f96f058c7f763746a3d36eee63fb3259
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3957
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:36 GMT
Last-Modified: Thu, 01 Dec 2022 20:14:39 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f1a1d1c61902f782da72ad648ef0822e
a9f41722a3e5180ec4019998b5f0fdb464f2aafb
f75b6732b286ec9b4694cd53c6a33f64732412c336425c1091cd5316380e26d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnkey.net/upload/Lisa%20Medina.jpg
188.114.96.1200 OK 36 kB URL HTTP/2 cdnkey.net/upload/Lisa%20Medina.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 4bd77e3ff3ee8b51b5629f1e8c1ff918
39f72588e628585e791661fa931d8b189af3cbf1
6d208d57ec5b3d4262efceeaf20f828d825d62b2a1fd10b8ab2302887432062d
GET /upload/Lisa%20Medina.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 35911
x-guploader-uploadid: ADPycdvl2KECsVdwiMoD0AtIE3Om0QZSxAlN_UpI-h7oXC7Y0yrgSd5sUrdllFGlFxABZDZOg-AlvhU-L24tEm7oozkqDIU8LTvu
expires: Thu, 01 Dec 2022 21:42:13 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:39 GMT
etag: "4bd77e3ff3ee8b51b5629f1e8c1ff918"
x-goog-generation: 1662378639908000
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35911
x-goog-hash: crc32c=f5osLQ==, md5=S9d+P/Pui1G1Yp8ejB/5GA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhWgJlPLnsAtSw7DtMqJWDsW2LqQQWVaWyGeJ6TIhc09C0xCrZN4CHfolzH%2BZs37aXEWQd7z1K5BReTbhF6deZIVC2sjduPdfoKJHtjVw0dsPXZV23P8Oc9DQlvc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede222bc70b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/hu.jpg
188.114.96.1200 OK 27 kB IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9127e0230475268801040ce72ba6245c
c42bfd66c701225ba788bf96ab72822e381c9c89
d5b1138f638a041d31e26a44dfc74134f1a466fd5252c328ba504e52f54e6f2e
GET /upload/hu.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 27112
x-guploader-uploadid: ADPycdt8MFY-zDlqCWGjBedPfdEmYFBsk-GLJlEMAB3M2sNi4w1j9uio10GhpCg5cS0g8aTqQgRPmz90j1xESrvliTN6_Yf3mMva
expires: Thu, 01 Dec 2022 20:12:48 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:38 GMT
etag: "9127e0230475268801040ce72ba6245c"
x-goog-generation: 1662378638813534
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 27112
x-goog-hash: crc32c=i4EeUQ==, md5=kSfgIwR1JogBBAznK6YkXA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0J6o0YoHEBGfzr5FOUSDG8jNvbrRS75UDa41KZy7zc22LZc44x3Tmrkz2m37GBkcFdmMxRSBvepl%2FsODsl5x%2BtAwNHW5VWbXVG0m0BWSK8htWLf2KQaxYNEHOw%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede222bcf0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/Ashley%20Benson.jpg
188.114.96.1200 OK 32 kB URL HTTP/2 cdnkey.net/upload/Ashley%20Benson.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 9f1e9f0170ba7483cc7ce810bbe78e1f
1dc7ab4b8e5734180e22190f0cc6e7123586f244
da41a6d0acadbb94a5d939a2b245838d613ea21ce39bb1dd6b70595322f73043
GET /upload/Ashley%20Benson.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 31801
x-guploader-uploadid: ADPycdt3xWVtXEnUBEvomrS6dNBmEkLWHGVGK9vjM_eFvQlJqPI-MgdSY4M-0bEMqETLphPlLWTB571tE3_TTl-UuoxnnYEviRLP
expires: Thu, 01 Dec 2022 20:11:03 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:42 GMT
etag: "9f1e9f0170ba7483cc7ce810bbe78e1f"
x-goog-generation: 1662378642090884
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 31801
x-goog-hash: crc32c=ikFAgQ==, md5=nx6fAXC6dIPMfOgQu+eOHw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqPV%2B8iSuJkplPBuy37FQkn1DU9HcRrp2VRPXh24Zf99wl3zdk2q9aFSPRXDxzr7cBg9dxTrI7qAVLWCU5IVLh6Q88dGqj%2Ftd2hmfMfp8ZidY0o1e3TSOLozMsfB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede221bbe0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnkey.net/upload/L%C3%A9a%20Fenet.jpg
188.114.96.1200 OK 38 kB URL HTTP/2 cdnkey.net/upload/L%C3%A9a%20Fenet.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 6a0ee2d82e9e2e4a63af4bd8ec9df5a5
414f34e24d67e585298128249813d2cb54e6ed5d
4da5f51a7c92309a3b29ebf422e5460dc307e5d75e2cf83b486d8703abb2b97a
GET /upload/L%C3%A9a%20Fenet.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 38178
x-guploader-uploadid: ADPycdu-TOMquUxM8Xr9a6kM_Nw2xW2v0ZMtU7g-Tl529PFV226_2d9meqEpuiWT2f46uCx21u_QzOeHu0LZGVlx8AEJvmBovCck
expires: Thu, 01 Dec 2022 21:06:18 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:38 GMT
etag: "6a0ee2d82e9e2e4a63af4bd8ec9df5a5"
x-goog-generation: 1662378638779924
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 38178
x-goog-hash: crc32c=qUuqiw==, md5=ag7i2C6eLkpjr0vY7J31pQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpguNK%2FWLzTkT4DQ9WQoRlNxcTxYSVbUyREG1UTE%2F55kEpddC%2FuKlq8%2FUe7pcgYzM1tjagAG2I%2FGBQG%2BoQO%2B3IqXtZObRcNc9snt7YN07R555n%2F5AjnjSgTef2%2FE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede223be50b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f1a1d1c61902f782da72ad648ef0822e
a9f41722a3e5180ec4019998b5f0fdb464f2aafb
f75b6732b286ec9b4694cd53c6a33f64732412c336425c1091cd5316380e26d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9790179503d7e92835ac378e2661ac0
8d7695560fe8f702746922b3ed8bba1f4d9392c7
2619a5f501d93c4d57ebf5be8970843a61772553ce3ae5dadba0de3359a77403
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2619A5F501D93C4D57EBF5BE8970843A61772553CE3AE5DADBA0DE3359A77403"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=807
Expires: Thu, 01 Dec 2022 21:34:03 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9790179503d7e92835ac378e2661ac0
8d7695560fe8f702746922b3ed8bba1f4d9392c7
2619a5f501d93c4d57ebf5be8970843a61772553ce3ae5dadba0de3359a77403
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2619A5F501D93C4D57EBF5BE8970843A61772553CE3AE5DADBA0DE3359A77403"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=807
Expires: Thu, 01 Dec 2022 21:34:03 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Thu, 01 Dec 2022 17:36:28 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 13448
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Thu, 01 Dec 2022 17:36:28 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 13448
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60cee9ed8ebd8be24c38a929bd001dc2
a85a8e421568c14d3679381dd2fe0c62d497fc99
2538f0c7a07580d5da2d741870531b69d67c95c61c7c162d345ca84eedef944c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2538F0C7A07580D5DA2D741870531B69D67C95C61C7C162D345CA84EEDEF944C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1003
Expires: Thu, 01 Dec 2022 21:37:19 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9790179503d7e92835ac378e2661ac0
8d7695560fe8f702746922b3ed8bba1f4d9392c7
2619a5f501d93c4d57ebf5be8970843a61772553ce3ae5dadba0de3359a77403
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2619A5F501D93C4D57EBF5BE8970843A61772553CE3AE5DADBA0DE3359A77403"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2043
Expires: Thu, 01 Dec 2022 21:54:39 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f1a1d1c61902f782da72ad648ef0822e
a9f41722a3e5180ec4019998b5f0fdb464f2aafb
f75b6732b286ec9b4694cd53c6a33f64732412c336425c1091cd5316380e26d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:20:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e68ba8d70e4d126e4cb1d9ca9f9a9ea8
e9668628f5d3ca65b3639ef9a96728744a4a0b88
0d6783a242414471c8015fab158a5bead0dd30e2190e371f3d3f24d6f4d9efe6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0D6783A242414471C8015FAB158A5BEAD0DD30E2190E371F3D3F24D6F4D9EFE6"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Thu, 01 Dec 2022 23:16:40 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
cdnbun.com/upload/hrvatskitelekom-m2.png
172.64.107.15200 OK 10 kB URL HTTP/2 cdnbun.com/upload/hrvatskitelekom-m2.png
IP 172.64.107.15:0
File type PNG image data, 241 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash cb834d7b6ab5c152f093ca418eed4877
9cbca81eb10b81fe9bb5cb7a8187f918d32d66b9
10f01f4e3b7caed2a0064c2bf2bf1a51d6589332c40c7911a09cacc31dad1306
GET /upload/hrvatskitelekom-m2.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/png
content-length: 10463
x-guploader-uploadid: ADPycdsHD2P8tmtkW5HPR5ihhGgzVj6M-aOB4bLCPnGCvrfWRc8HUjSFv3fDCvubYzbf4oTBJYFDxS4nj3S1ZNG3qXD31sBhC6Zn
expires: Thu, 01 Dec 2022 22:20:36 GMT
cache-control: public, max-age=14400
last-modified: Fri, 04 Nov 2022 14:56:01 GMT
etag: "cb834d7b6ab5c152f093ca418eed4877"
x-goog-generation: 1667573761768261
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10463
x-goog-hash: crc32c=N1Sa6Q==, md5=y4NNe2q1wVLwk8pBju1Idw==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuOxyZoKAgadVM6mXFWu1ggl8mfK9XmZ0WYkvbqbjSzmBvqC9Ea3lGCODHJnwGuIjpAwlmiqM5PDCzYe%2FFvUbXnN8R4E8tGEvbh2BJprDEqH60%2Ffd%2BA7o%2B9L0llv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede22c8f74072-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/hrvatskitelekom-show.jpg
172.64.107.15200 OK 57 kB URL HTTP/2 cdnbun.com/upload/hrvatskitelekom-show.jpg
IP 172.64.107.15:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 520x342, components 3\012- data
Hash b674e8ff181549cc21e1430c01cb7cbc
a5b1e451603038ff20b8fd68250b15b1b94637f5
f2696c01d56645705766d40890b4ce10a994304361c6db40f1dc02ed35abaf5d
GET /upload/hrvatskitelekom-show.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/jpeg
content-length: 56564
x-guploader-uploadid: ADPycdvyFdk3Jn80bwNwZBtm4fdiE44xjIkMOZOKwTfGoT09qjQNxwwFNV6KiR7ojBUaNidxSEImf8BfW-YxHVRk46frku9Jgn_o
expires: Thu, 01 Dec 2022 22:20:36 GMT
cache-control: public, max-age=14400
last-modified: Fri, 04 Nov 2022 14:53:08 GMT
etag: "b674e8ff181549cc21e1430c01cb7cbc"
x-goog-generation: 1667573588385377
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 56564
x-goog-hash: crc32c=cAC65g==, md5=tnTo/xgVScwh4UMMAct8vA==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uq%2BkhliBAbQm%2FPiKChffiWvzMjykouFZoWwaWmotFN0ewdlnUX64r16SQnAzqXlqZBY4qHOiU36UZANpXdborMdwsymZH0z5OP%2Bk%2Bc5KPfpRIobv59g9bDgwMTwe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede22c8fc4072-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/hrvatskitelekom-left.png
172.64.107.15200 OK 978 B URL HTTP/2 cdnbun.com/upload/hrvatskitelekom-left.png
IP 172.64.107.15:0
File type PNG image data, 15 x 205, 8-bit/color RGBA, non-interlaced\012- data
Hash f4469dfa8797557ba6a3d690181856b0
6b413f805dc10aeaa178ee97793b6cea14db39af
67fed2e2bc86218d3197cbcaae5b008653d28f3eb6985c9bd9fcfb36e0334ab9
GET /upload/hrvatskitelekom-left.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/png
content-length: 978
x-guploader-uploadid: ADPycds-4v-z-6MUzbcx4NBYhQYPL3cqK96m_bKTNfdFgUzdFIDMvuK_lo63vkxfaGKQxkDaYn6y9tXh_4y6lPg35dkUKa9gV1r9
x-goog-generation: 1667573585667268
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 978
x-goog-hash: crc32c=HJ8Mag==, md5=9Ead+oeXVXumo9aQGBhWsA==
x-goog-storage-class: STANDARD
expires: Thu, 01 Dec 2022 22:20:36 GMT
cache-control: public, max-age=14400
last-modified: Fri, 04 Nov 2022 14:53:05 GMT
etag: "f4469dfa8797557ba6a3d690181856b0"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9i0LjSxPvXmhl7FXtXqlE6lc7uknOGVk3ZSqMfHsuVk5qsx1h0QrfKIB3lwY2OH086mgd8LPuDn6PH6jyTMxVzPUEVEy4nrMGDOfjWWxrbhVqx4%2BMgUmOu11L0gM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede22c8f94072-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/hrvatskitelekom-box2.png
172.64.107.15200 OK 3.3 kB URL HTTP/2 cdnbun.com/upload/hrvatskitelekom-box2.png
IP 172.64.107.15:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash e027b3ee55cdad4426e78f45f965a50d
21c0048c2b80d00acfda402353a0f76272bdabf7
3d9758f49b809eae10d1689cb660b798d81b5e444e82debd60546eff5575b218
GET /upload/hrvatskitelekom-box2.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/png
content-length: 3320
x-guploader-uploadid: ADPycduHU7IpTFE-UcCnjMYJnGU6rVMrsYFJhF0o1Dwma9Z0-9yQl3SzkSGQGIOGYpxMSTJuoNs-dnRoVupJS-FKYTK5CyF6kQV3
expires: Thu, 01 Dec 2022 22:20:36 GMT
cache-control: public, max-age=14400
last-modified: Fri, 04 Nov 2022 14:53:04 GMT
etag: "e027b3ee55cdad4426e78f45f965a50d"
x-goog-generation: 1667573584728272
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3320
x-goog-hash: crc32c=ip6leQ==, md5=4Cez7lXNrUQm549F+WWlDQ==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gUxba%2B0U81dH2Z6P9MlE1s%2F0jFjyhqBQj99XOu7NOxdLh6cQ1BdTb%2B%2BqYZoZJ60%2F21xEhAy1wUoNVg9qoXH4COkm7N981qTh34NquvBlzePXrIBJcumMCkoASoK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede22c8fe4072-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/hrvatskitelekom-box1.png
172.64.107.15200 OK 30 kB URL HTTP/2 cdnbun.com/upload/hrvatskitelekom-box1.png
IP 172.64.107.15:0
File type PNG image data, 300 x 214, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ddce56d1aa583ebeba75e5de6ba3a20
08d9d652e81591f1e8815692fb1522ed8838897c
4c7c13869b912d8a3deed09ac2e2837d10aa1b31a2681f903c3a46e5f1eedc15
GET /upload/hrvatskitelekom-box1.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/png
content-length: 29528
x-guploader-uploadid: ADPycdsDYeSKI3_IzW91LUPdBG55bpCGdqsUVBncTizMr9sAJchNlRvHLVouK9AwSpHy6lGvRiPy9Zxd0ZpTSs7L3LfLWA7QqOxU
x-goog-generation: 1667573584748658
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 29528
x-goog-hash: crc32c=oqVOMg==, md5=bdzlbRqlg+vrp15d5ro6IA==
x-goog-storage-class: STANDARD
expires: Thu, 01 Dec 2022 22:20:36 GMT
cache-control: public, max-age=14400
last-modified: Fri, 04 Nov 2022 14:53:04 GMT
etag: "6ddce56d1aa583ebeba75e5de6ba3a20"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Tn57C%2BsEOlpo55LQWnNu8P4z0BgR4jOlGhakvASCMn4gJ%2BCVNYayvgZ8hLK6fNnOtRJprW2fMclow7cR65IQVjuw8eUhR4TVdSvQQqhxvNdSZNTb7GWqOjhjKEn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede22c8fa4072-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/hrvatskitelekom-right.png
172.64.107.15200 OK 978 B URL HTTP/2 cdnbun.com/upload/hrvatskitelekom-right.png
IP 172.64.107.15:0
File type PNG image data, 15 x 205, 8-bit/color RGBA, non-interlaced\012- data
Hash bf57dc2eac0cc68556673b8da5352bdb
45b85e12089dd9479cdf417290d3783a1dea34b4
ef2c9c2312c4013ea325bfcaf24e56bd9242269c26120906d906b8c947edf689
GET /upload/hrvatskitelekom-right.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:36 GMT
content-type: image/png
content-length: 978
x-guploader-uploadid: ADPycdsLLt_thktYgYD3TmDFveda-yd1BsQOKZTMI2KbhLjYxeUz0RZai6VxcArawAHstxUllbwAZVzOE0Mz48CE2D4cvrMEsd1_
x-goog-generation: 1667573587151173
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 978
x-goog-hash: crc32c=jczDTQ==, md5=v1fcLqwMxoVWZzuNpTUr2w==
x-goog-storage-class: STANDARD
expires: Thu, 01 Dec 2022 22:20:36 GMT
cache-control: public, max-age=14400
last-modified: Fri, 04 Nov 2022 14:53:07 GMT
etag: "bf57dc2eac0cc68556673b8da5352bdb"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYPWYf69btAwfAnoHw6dnv2LkL58hCAESOfNBZnz1i5FaGj6upuXrsedozCbgArNFvhRpzWPgpDpjjdvhwYyd%2BeFvKZGPcPyNohVUGXZmProJ2BYMrQkSq4eusB9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede22f9304072-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e68ba8d70e4d126e4cb1d9ca9f9a9ea8
e9668628f5d3ca65b3639ef9a96728744a4a0b88
0d6783a242414471c8015fab158a5bead0dd30e2190e371f3d3f24d6f4d9efe6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0D6783A242414471C8015FAB158A5BEAD0DD30E2190E371F3D3F24D6F4D9EFE6"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7046
Expires: Thu, 01 Dec 2022 23:18:02 GMT
Date: Thu, 01 Dec 2022 21:20:36 GMT
Connection: keep-alive
voicelevel.top/PS8Eyql3/hrvatskitelekom/?_t=1669929633678
188.114.96.1200 OK 46 kB URL HTTP/2 voicelevel.top/PS8Eyql3/hrvatskitelekom/?_t=1669929633678
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (454), with CRLF line terminators
Hash dfb192fc3381912bc75253dc2a22e0d9
3e407a1f22549273347b8acde72cfdd34e20a46f
285ae8207a148a783c42c7c9cc63c0ec659f946e700cbd1e24f7037f92f0f7b0
Analyzer Verdict Alert fortinet Malware
GET /PS8Eyql3/hrvatskitelekom/?_t=1669929633678 HTTP/1.1
Host: voicelevel.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://blockventilaion.cn/
Connection: keep-alive
Cookie: pType=mo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pType=mo; expires=Thu, 01-Dec-2022 21:32:35 GMT; Max-Age=720; path=/; domain=voicelevel.top
hrvatskitelekom-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.voicelevel.top
hrvatskitelekom-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.voicelevel.top
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSuBzWnbUViKVX%2F6L6XSNxzW3ZxEqzO9furdMU2tFLQe71q934No0ppzYY6v2w9TA%2FAMXsxZp9tGuCx%2Bh4nZ3XLFJ%2BxlfOze5v2oN%2Fj46u%2FBtdnvue2nmLFnMvh1mYpC8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ede1e4c75fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 61aaa9c113389727a15c3d4b9832c993
b8327e4bfdf09cd0679599af397c6f6ddd24b3cd
c485c7350b2ac4544c1c6f5497c5d49acd43b987c1475f370ad5a8f4e2b2e530
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 21:20:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 18:48:02 GMT
ETag: "b8327e4bfdf09cd0679599af397c6f6ddd24b3cd"
Last-Modified: Thu, 01 Dec 2022 18:48:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 958
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772ede26fb2db524-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 61aaa9c113389727a15c3d4b9832c993
b8327e4bfdf09cd0679599af397c6f6ddd24b3cd
c485c7350b2ac4544c1c6f5497c5d49acd43b987c1475f370ad5a8f4e2b2e530
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 21:20:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 18:48:02 GMT
ETag: "b8327e4bfdf09cd0679599af397c6f6ddd24b3cd"
Last-Modified: Thu, 01 Dec 2022 18:48:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 958
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772ede270b50b524-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oebu0&_p=1655611499&cid=1091248481.1669929635&ul=en-us&sr=1280x1024&_s=1&sid=1669929634&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678&dr=http%3A%2F%2Fblockventilaion.cn%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oebu0&_p=1655611499&cid=1091248481.1669929635&ul=en-us&sr=1280x1024&_s=1&sid=1669929634&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678&dr=http%3A%2F%2Fblockventilaion.cn%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LW7434MYMN>m=2oebu0&_p=1655611499&cid=1091248481.1669929635&ul=en-us&sr=1280x1024&_s=1&sid=1669929634&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678&dr=http%3A%2F%2Fblockventilaion.cn%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voicelevel.top
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://voicelevel.top
date: Thu, 01 Dec 2022 21:20:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G>m=2oebu0&_p=1655611499&cid=1091248481.1669929635&ul=en-us&sr=1280x1024&_s=1&sid=1669929634&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678&dr=http%3A%2F%2Fblockventilaion.cn%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G>m=2oebu0&_p=1655611499&cid=1091248481.1669929635&ul=en-us&sr=1280x1024&_s=1&sid=1669929634&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678&dr=http%3A%2F%2Fblockventilaion.cn%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0C230YDF7G>m=2oebu0&_p=1655611499&cid=1091248481.1669929635&ul=en-us&sr=1280x1024&_s=1&sid=1669929634&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678&dr=http%3A%2F%2Fblockventilaion.cn%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voicelevel.top
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://voicelevel.top
date: Thu, 01 Dec 2022 21:20:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8247
Expires: Thu, 01 Dec 2022 23:38:04 GMT
Date: Thu, 01 Dec 2022 21:20:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8247
Expires: Thu, 01 Dec 2022 23:38:04 GMT
Date: Thu, 01 Dec 2022 21:20:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8247
Expires: Thu, 01 Dec 2022 23:38:04 GMT
Date: Thu, 01 Dec 2022 21:20:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8247
Expires: Thu, 01 Dec 2022 23:38:04 GMT
Date: Thu, 01 Dec 2022 21:20:37 GMT
Connection: keep-alive
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
172.64.165.21200 OK 26 kB URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 172.64.165.21:0
File type ASCII text, with very long lines (65321), with CRLF line terminators
Hash 6d3d0a068f0bde7b787f8b4b4f5dbd33
762ff554070130e682ffdb8983350ecafdee374b
47a0be7df2a5974c18449f36d9aa078400a86912cbd9c9f5f9361e512c6475a9
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: text/css
x-guploader-uploadid: ADPycdv7kv7cza5rB6NKcfu3OF6h0QG0KUb6y2IsWxw9rQV3Hfk7c1SOZ9hygJnwpBpuObJusH4eBfPNsQKZEO4luud5Ew
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
expires: Thu, 01 Dec 2022 21:42:42 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
age: 365
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rU3b0ZzHu72uMplodoITyjPSSGRY6Xn8iJ2TwqMN0ZPpgrv5NVhcMNnAfbDovrKsfr7Q8GkYzegpCRnXAbMcqOaaWSDCPlAwTvxwnwFhY41%2B5NpXoKtYQ%2F60QJl9OXhY88%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede205bc37738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 328ce221bcf3442f88d09373193ff594
63bfa2ea925aa2c188c664a7bf7af7b0e5417e60
21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13411
x-amzn-requestid: 71f8798f-93e9-4649-8822-7ad3fadeec34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz6vH05oAMF_qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd11-1849aa08463e5c1f3d9b15b9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QVGFEOePBybOeNxG6eWBffm8Ha_fmBnT8vMIGcI8zv9C7yiBeSncDw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60"
content-type: image/jpeg
age: 84517
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 05:45:16 GMT
age: 56121
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 17:08:13 GMT
age: 15144
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 18:58:06 GMT
age: 8551
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 84517
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 84787
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?b521817f22507716e364b3fe28644f8b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b521817f22507716e364b3fe28644f8b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (657)
Hash 6ae344443d9f936b2e3ac1c72a3f3a91
543fa72e413e60ae0191aa3a22f5492220cc77da
c8e2d87be7fc7b0ce1ffb9ad591e358ccec1794d12a265132527e22b8862b354
GET /hm.js?b521817f22507716e364b3fe28644f8b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11295
Content-Type: application/javascript
Date: Thu, 01 Dec 2022 21:20:37 GMT
Etag: 3cec3361f9544c1701d4338ea77e87f9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C857D322AA8397AF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
172.64.165.21200 OK 43 kB URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 172.64.165.21:0
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 00b4aa94cd0beee8dc76a0774af6581f
a9095852ca9111d4bfbff71bfca5de09826b0f4c
1a379a4468f92f136a1e9e4c4f12decde5fab77ca3ad5d0552a8680c509b72cb
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdvCxHltiuPjHL-zbbsBVwle0-vgYS2_pOmv1wzzQZrGSBqUE4vr5WQ_17FuwcGb_O0Ved79CT2MXZTd7QgSd4c
expires: Thu, 01 Dec 2022 21:48:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n464pp36Z9EDp52OuO4BC9mAgPmoOTVoERFpEF4WH%2BA7eduNL843Y6XnKvTI%2FcWxZlIq7gvjElFUvXrr5TXMn1Nv%2BVG3gzrnknbXdP9yFLdA9k8KeXWF5wK8UZ%2B%2ByLeFMEI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede206c147738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
172.64.165.21200 OK 27 kB URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 172.64.165.21:0
File type ASCII text, with very long lines (63188), with CRLF line terminators
Hash 345402aaf9e6e97fc311804613d30a01
4414eb435d663a8b95312e340ec979bb097a15f3
3dbfdc0108ff96dc143bd252da9182cd14d439751159375d6e3d198d4885b2f3
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdtaXO8Pt4mYxS4tkg36SiMjVR6jjL7hB9EkK5aPNXJ0rrhhBXOw5gRmhJXZ1IYlvDk2NYpvsCE76nxT_QCLJq2KEg
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
expires: Thu, 01 Dec 2022 22:06:27 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
cf-cache-status: HIT
age: 377
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4B%2BM4hvOzt3nmJKZy%2FN9s%2BgCibecm032M6yz9t0yW%2B%2BN%2FECXYGALlboOTc8E%2FdKAk66RjIfOFBCYwxNqPvOieZ5b4Mqpi3%2BXUKGKIeWwGWPXgD0vS1Y6uOxneAC5fQGwb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede207c297738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash fedaa442893a56416eb908b948526083
0f6a6d90665191b2f161bcddbb0906b45cd4e7c7
5d9c1183e57dc368ee302b6a44c7b67aff7ef47263413ae2ca547a4f9a88924c
GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Thu, 01 Dec 2022 21:20:37 GMT
Etag: f678d9d898ff1b1c3ae07141bbf39bff
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6EE4C0958B822CEB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2028252297&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32301&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2028252297&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32301&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2028252297&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32301&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Dec 2022 21:20:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4D8D0B8B02869090; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=501163950&si=9b310e1c49acc25db6b3a7a5f3ef3e98&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=501163950&si=9b310e1c49acc25db6b3a7a5f3ef3e98&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=501163950&si=9b310e1c49acc25db6b3a7a5f3ef3e98&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Dec 2022 21:20:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A8040D28782E6B78; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=319860302&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=319860302&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=319860302&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Dec 2022 21:20:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4D525816D14116FD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1693333278&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1693333278&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1693333278&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fblockventilaion.cn%2F&v=1.3.0&lv=1&sn=32302&r=0&ww=1280&u=https%3A%2F%2Fvoicelevel.top%2FPS8Eyql3%2Fhrvatskitelekom%2F%3F_t%3D1669929633678%231669929635091 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Dec 2022 21:20:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=741A3530364647B1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
bonepa.com/4fe48aebd6/4f59451604/?placementName=Pop&is_first=true&randomA=0_9756&maxw=0
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Pop&is_first=true&randomA=0_9756&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Pop&is_first=true&randomA=0_9756&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:20:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Fri, 02-Dec-2022 21:20:38 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633299=1; expires=Fri, 02-Dec-2022 04:59:59 GMT; Max-Age=27561; path=/; secure; SameSite=None
total_impressions=1; expires=Fri, 02-Dec-2022 04:59:59 GMT; Max-Age=27561; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
172.64.165.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 172.64.165.21:0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds3YdIz1R1UN767siseN3QRg96xNyUpzXvJk9EJOVC4B_FNuk3QzAPM9M4PK3JBDjbzDnKqTH3BKTa3eeZtxS7M9edjuqUj
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
expires: Thu, 01 Dec 2022 21:31:13 GMT
cache-control: public, max-age=3600
age: 2893
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgwmdxkOrOhkBunJbayGZ%2BJdkcbJHqTbaauAfGnAt6Yzey1puFZmPwQsLYAM6Lxq33FM6KBfvcKW7KYAIxayt7G8HcB8%2BSTSMpxV8nTvY1TWZZROVP6vCVM1XoEJOdhRV%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede206c0a7738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: application/javascript
expires: Thu, 01 Dec 2022 21:20:35 GMT
last-modified: Thu, 01 Dec 2022 21:20:35 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
voicelevel.top/PS8Eyql3/hrvatskitelekom/?_t=1669929633678
188.114.96.1200 OK 0 B URL HTTP/2 voicelevel.top/PS8Eyql3/hrvatskitelekom/?_t=1669929633678
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Malware
GET /PS8Eyql3/hrvatskitelekom/?_t=1669929633678 HTTP/1.1
Host: voicelevel.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blockventilaion.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pType=mo; expires=Thu, 01-Dec-2022 21:32:35 GMT; Max-Age=720; path=/; domain=voicelevel.top
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQJKLeP%2Beb22UW%2BV0%2FR%2FZezpHzkPtEjoL%2F%2B4pJy2kJP98%2BgxWqiUTkphMQdU0RmGhQYr49eDFcMbpbxyrfH28zeBl3p7Xseq997syM7odyc7OZtUhturtBwL%2B78dqoU%2B0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ede1d3b71fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
172.64.165.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 172.64.165.21:0
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycduIPxBxn9HV1RvlxQW5n8gWMNt2gH6LJACR5zSppFALBLzrzJxa_8ctHWVRnxFIChP9qRRTmrjDnfJ9VGLfuaiuefHrtsZR
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Thu, 01 Dec 2022 21:49:06 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
age: 1253
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmJC7I6sYmYPVQcoAlm%2BIuyT5uvoAql2c6nqJdpeJnpbRtdrG3l6ab16Eh%2BIPil3Qi9hy0Er1aFQq%2BJIEc94clOK1N5jLMlG0M6ptzyzULTge18tGTDyvZ9i5yJ3qLbpko0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede201b377738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
172.64.165.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 172.64.165.21:0
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voicelevel.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 21:20:35 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdveolyrLmPsOpTOe4R8xrc9XLzOm4WE6kDIQQ-Bffr1CkxSQNEa8J0yEWTsx8MoMM6ntSWdKYv4h0j_eGf8uii0qkm1aglD
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
expires: Thu, 01 Dec 2022 22:08:54 GMT
cache-control: public, max-age=3600
age: 642
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAEaq58K8LDFL6LHcqXJ5CqJk09cg0YszWkAUCQshD%2FPBROYE90h5cR%2BCj1JS%2FMb%2BbTHL3%2F88evLyWPwyC6XgxFdELvpGWXbhvpCl12AvRl9mIeiFrJZGUzTSqCz85lpB%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ede206c1b7738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2