www.kfap.xyz/2023/01/actress-song-min-kyung-sex-scene-in-10.html?m=1
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 www.kfap.xyz/2023/01/actress-song-min-kyung-sex-scene-in-10.html?m=1
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/01/actress-song-min-kyung-sex-scene-in-10.html?m=1 HTTP/1.1
Host: www.kfap.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 17:18:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Jan 2023 18:18:43 GMT
Location: https://www.kfap.xyz/2023/01/actress-song-min-kyung-sex-scene-in-10.html?m=1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaeeL0g6r7ZwNFzNZopW%2F53oub4jEIWoJJ8szKMs%2BIKyi9081OJ38AcxGt7j68qY6rJGbK7J0fmvtcY1xKLUnZnRyciXJObEaIJBzVAO1vwb10eBilt%2BQEjS2dz%2BM7U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bde5099c3b50c-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3170
Expires: Mon, 30 Jan 2023 18:11:33 GMT
Date: Mon, 30 Jan 2023 17:18:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3761
Expires: Mon, 30 Jan 2023 18:21:24 GMT
Date: Mon, 30 Jan 2023 17:18:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5580
Expires: Mon, 30 Jan 2023 18:51:43 GMT
Date: Mon, 30 Jan 2023 17:18:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 16:35:45 GMT
content-type: application/json
age: 2578
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kuFQA3n/Cxb1oJU+wJ4CGUsH3GBau3minFX89+bnhnQygU/u7cDk1hANS/dTXXo2bWZiYYDyM7g=
x-amz-request-id: XV7KAS1AAN8G5MGB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 16:50:48 GMT
age: 1675
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Jvjy-qLmpN0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Jvjy-qLmpN0
IP 142.250.74.131:0
Hash 1adaa277cfd4affed2a17c7b263d0c55
79e17c1be728e5fa40e3651ac2fa6cea23c22b8d
8014b834687eb1570adc76215a3af45dbbf134ff26d4db03e2972786b9d87e0e
POST /s/gts1p5/Jvjy-qLmpN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 16:49:04 GMT
age: 1779
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17444
Expires: Mon, 30 Jan 2023 22:09:28 GMT
Date: Mon, 30 Jan 2023 17:18:44 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (56656)
Hash 5c32368e2726220885c82f35b6fb4e78
bb3909d2aaca84d895296187aeaea024c76f46ec
53ceda316a9da4b956909214bb1bdaf76d2b2e3d2037614a13b6749e1e5c9e17
GET /ajax/libs/font-awesome/5.11.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: text/css; charset=utf-8
content-length: 10022
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-de0a"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 993724
expires: Sat, 20 Jan 2024 17:18:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qwq3DRLUoGYf2nIBUH%2BtM6VB8Ea%2BoeBJTySzVsSIPJpkkbZow7pc5DrUGBsk6loR%2BOQohhNB0nNSNXj6S5HHQbu93gkC6QwNXau5jPghVTZrEce1OZpSjJ0U6KSZp0oxdxrTdl8t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791bde576aa9b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 824570
expires: Sat, 20 Jan 2024 17:18:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJxOlIMmiYVXFRXus2Gi6J8521YQeIuzPwAUpn6KtcG2lxzPXj6aURZsxyJ5P8dtAzBDsQgec1dZVuV9JzSLUt0KNdETAgk89rjmujLtfgEohEnEGgLigv19FcSqfnZcqxdMrkfj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791bde578accb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.82.179.239101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.179.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A+D8iuSg5YxZuWRxhiSs0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wfMDn/wFfsUhOyCffK44RkuowaM=
ocsp.pki.goog/s/gts1p5/Jvjy-qLmpN0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Jvjy-qLmpN0
IP 142.250.74.131:0
Hash 1adaa277cfd4affed2a17c7b263d0c55
79e17c1be728e5fa40e3651ac2fa6cea23c22b8d
8014b834687eb1570adc76215a3af45dbbf134ff26d4db03e2972786b9d87e0e
POST /s/gts1p5/Jvjy-qLmpN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-fOXi0TVLsMI/YQObM5zddxI/AAAAAAAAKb8/FlvFR6PKO-U9aLC5U3FkU7bwRVKh7LhcQCNcBGAsYHQ/s320/kfap.png
142.250.74.161200 OK 7.7 kB URL HTTP/2 1.bp.blogspot.com/-fOXi0TVLsMI/YQObM5zddxI/AAAAAAAAKb8/FlvFR6PKO-U9aLC5U3FkU7bwRVKh7LhcQCNcBGAsYHQ/s320/kfap.png
IP 142.250.74.161:0
File type PNG image data, 320 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash 08460b7aecdc2a31659f682827346ff9
7e1f0ca767f4e8a79041cae0b6b1fbf065ce0f1f
2c20596d8046335bcb006f2d803f3e26aa5d327f68b007068527f21c2310509c
GET /-fOXi0TVLsMI/YQObM5zddxI/AAAAAAAAKb8/FlvFR6PKO-U9aLC5U3FkU7bwRVKh7LhcQCNcBGAsYHQ/s320/kfap.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kfap.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 7714
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:18:44 GMT
expires: Sat, 28 Jan 2023 10:08:01 GMT
cache-control: public, max-age=86400, no-transform
etag: "v29c0"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1253685842-widgets.js
216.58.207.233200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1253685842-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b329ea3a8875a3cb1fff0b03b148b3f5
97cb465dc452e56a75e6e2caf453aba800719305
71572f07e491477cf2d6925d94658fbd5f054172291071f8675f6a4aec6dcc09
GET /static/v1/widgets/1253685842-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 01:57:07 GMT
expires: Tue, 30 Jan 2024 01:57:07 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 27 Jan 2023 00:03:44 GMT
content-type: text/javascript
age: 55297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 15:34:38 GMT
expires: Wed, 24 Jan 2024 15:34:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 17:56:07 GMT
content-type: text/javascript
age: 524646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 353ac22db73d0d1f6401c9a6dae0af28
266f51bf2f05d8431e9b6ada929b1513167d5411
b8dd1137414d56fdb844922a9cfddf36e06093b863632d40332b3d9cae51f7c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/DpyHQm5/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-13.jpg
162.19.58.158200 OK 71 kB URL HTTP/2 i.ibb.co/DpyHQm5/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-13.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash 4e6e5ec25cab46c88a347368fc95ccba
a898a582e079578bd7111e450a5dcb5dbd3ab53f
56fd960a23bc4e41f188b5a1104937982d71bede485810d662bdcd2c71784867
GET /DpyHQm5/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-13.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 70909
last-modified: Mon, 30 Jan 2023 08:36:22 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/4TJMjrn/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-6.jpg
162.19.58.158200 OK 75 kB URL HTTP/2 i.ibb.co/4TJMjrn/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-6.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash c46de81a5867759669c85fec1a0115d7
a2e18e9c600e6030d689830229b810989af3b2ab
6fe9211996ca518a8f36094b502a4bcad007bbb01580b31d4debb192534d946e
GET /4TJMjrn/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-6.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 74551
last-modified: Mon, 30 Jan 2023 08:36:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/3yfFNvr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-14.jpg
162.19.58.158200 OK 95 kB URL HTTP/2 i.ibb.co/3yfFNvr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-14.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash 1054ba932e2fb2ea119c644fedebd7e6
73e1e77cf05c2805451f948cf17af5805d55b8e8
f5feb9c85291abed0ed0f1c1f747d64796483c61ffd391d0b42894c68109dfb7
GET /3yfFNvr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-14.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 94699
last-modified: Mon, 30 Jan 2023 08:36:22 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/vqVYGkC/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-7.jpg
162.19.58.158200 OK 79 kB URL HTTP/2 i.ibb.co/vqVYGkC/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-7.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash 66cee29b0ca01b97c910ac013cffbe77
56be4c12ad17e13c2a1db26a19e860dc14d6da60
be4ea60f2457b293ebe83d0adb88f259906c3f43d038c7f38e15c49de81b0478
GET /vqVYGkC/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-7.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 78616
last-modified: Mon, 30 Jan 2023 08:36:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/Fz4MCDh/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023.jpg
162.19.58.158200 OK 54 kB URL HTTP/2 i.ibb.co/Fz4MCDh/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 832x624, components 3\012- data
Hash a9c3c620951e9c0d125a89edb99ab859
7b69ba52a48a06a058c081074b8195ca824380c4
7d77562cc5942444133a919b9df3026ec360eb4fb4e647d3eea49ad097af3458
GET /Fz4MCDh/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 53540
last-modified: Mon, 30 Jan 2023 08:36:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/mRj76cr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-15.jpg
162.19.58.158200 OK 89 kB URL HTTP/2 i.ibb.co/mRj76cr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-15.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash df1a82440b0b07fe4a92c8014d8ee9b6
a228e586d08a0bde71431b955e736cce8d8e4a85
1bd972ac1eb955f3720d08fad36cf50754bc1980a9f38164c80a5eb3ee183511
GET /mRj76cr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-15.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 88821
last-modified: Mon, 30 Jan 2023 08:36:23 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/thj6HpB/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-16.jpg
162.19.58.158200 OK 90 kB URL HTTP/2 i.ibb.co/thj6HpB/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-16.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash e76f20ec23c5481630e88ae7801aaf7b
69df777a69c5ef58811a13d06d3e4910b877d373
0fcb5c602ee731791441c870d6d5fa8b39b39aff072c67841b42949837a723f9
GET /thj6HpB/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-16.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 90410
last-modified: Mon, 30 Jan 2023 08:36:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/R3zLQKm/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-5.jpg
162.19.58.158200 OK 71 kB URL HTTP/2 i.ibb.co/R3zLQKm/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-5.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash 4d6e0296a8a7dfc7afc4880b72c7e919
f11f9779353b42357f36e0b3fb1b8e7882d40f1f
b1cad18fba012298637f71bca509df84cd81fa2c65a2d92c1c799c4287877d89
GET /R3zLQKm/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-5.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 70608
last-modified: Mon, 30 Jan 2023 08:36:15 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/5410kSs/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-9.jpg
162.19.58.158200 OK 97 kB URL HTTP/2 i.ibb.co/5410kSs/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-9.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash 00a5c665e6b7fe7089843ace3f3753a0
f0f1f5778615ed099effc80ad85050d27f3b0721
268cebcd78810abd8e2fdf12e157f846341dc227df4fdb8a310d18d0b5833528
GET /5410kSs/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-9.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 96556
last-modified: Mon, 30 Jan 2023 08:36:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/VYcg5f8/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-12.jpg
162.19.58.158200 OK 70 kB URL HTTP/2 i.ibb.co/VYcg5f8/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-12.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash c735f5f1c0760bd582b53bc6d00aa18a
4c387fe0bc1935f5087bbe68f68d5ccde4d7e956
e5f7276e6ac34114c46d2def962d87390d840c5b97bf4c74b95b4d213b134641
GET /VYcg5f8/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-12.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 69694
last-modified: Mon, 30 Jan 2023 08:36:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/M6csqXW/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-8.jpg
162.19.58.158200 OK 79 kB URL HTTP/2 i.ibb.co/M6csqXW/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-8.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash c9959c695cc33da0529261762c3f7031
c47d71f0f3d910cb367da4ec1a9353b9a1406ee2
6bf7964dfdf27552e999e8130f81d15fa9a2eafa97b505f47571ab94b8a457c1
GET /M6csqXW/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-8.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 79098
last-modified: Mon, 30 Jan 2023 08:36:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/fNWR5mr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-2.jpg
162.19.58.158200 OK 86 kB URL HTTP/2 i.ibb.co/fNWR5mr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-2.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash c10f21209465fbb17dbee00bf2472b05
640c9e0d72f1d18abfb65e48995f56d9d2c5de35
3b72b04134989264a4ca234d335348e8dde64078e8b6005fed5b88a730f254a8
GET /fNWR5mr/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-2.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 86442
last-modified: Mon, 30 Jan 2023 08:36:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/ngd3GdH/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-10.jpg
162.19.58.158200 OK 82 kB URL HTTP/2 i.ibb.co/ngd3GdH/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-10.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash b3a14ad9fe17879438bbd6f36f0d888a
df99a823abef86322a25436b28db27ef9689e4f8
f3fc99ee1372dc21e17cef5241e2ea9303cdad2a3d8a7d42e8265bdc6ba3017e
GET /ngd3GdH/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-10.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 82147
last-modified: Mon, 30 Jan 2023 08:36:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/LCcJYD0/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-3.jpg
162.19.58.158200 OK 82 kB URL HTTP/2 i.ibb.co/LCcJYD0/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-3.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash e57123a7eac47320badac279584efb10
838136958a6ddd95ceb88cf0efb5f19aa6c0f5d5
55fcac2d6f218fd5c22bf9542a242645e7c5f9b7a2dac37fdcba62751d0312fa
GET /LCcJYD0/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-3.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 82307
last-modified: Mon, 30 Jan 2023 08:36:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/YLG25c2/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-11.jpg
162.19.58.158200 OK 81 kB URL HTTP/2 i.ibb.co/YLG25c2/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-11.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash 7c9d4d5f8115d6e71a713e739e1e4bf1
1a65fcad6389b51c016b69d971d33852aef3f78c
2bbea35b72c78035007632438211ae4e373d26d4f63107afdf97d30809682f6d
GET /YLG25c2/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-11.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 80600
last-modified: Mon, 30 Jan 2023 08:36:20 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/C886jkz/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-4.jpg
162.19.58.158200 OK 69 kB URL HTTP/2 i.ibb.co/C886jkz/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-4.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash 74ebe53cb3bcea67d892ac11e40a8d29
99f1e99432db462cc37f71494965c1b491e40d96
d786eb8a67e789fee8ded09a91ed0f55b1eaa274e03b20e9299502a53f42f5a8
GET /C886jkz/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-4.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 69271
last-modified: Mon, 30 Jan 2023 08:36:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/B2bW8HK/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-1.jpg
162.19.58.158200 OK 100 kB URL HTTP/2 i.ibb.co/B2bW8HK/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-1.jpg
IP 162.19.58.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x634, components 3\012- data
Hash e3e2d538ac1e17ded9c77a53e5c43719
8645b07b8913b7857ff659e6ab0bd9628112fbc0
d18cf13b80e667c462df1ab2f95bf5d049babc5c0dea10a1b3006f9e99583d0b
GET /B2bW8HK/Song-Min-kyung-Sex-Scene-in-10-Day-Lover-2023-1.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: image/jpeg
content-length: 99546
last-modified: Mon, 30 Jan 2023 08:36:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7e9d2f6720c18ffd9843274cdf27ad6
db32229e0bb5cc77b9160138b2ebd241e12073ed
45d2c7ebbab67ee49d7c7f93f39b48dbd3724cf15432212f0e37537dc7f4ec28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45D2C7EBBAB67EE49D7C7F93F39B48DBD3724CF15432212F0E37537DC7F4EC28"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2322
Expires: Mon, 30 Jan 2023 17:57:26 GMT
Date: Mon, 30 Jan 2023 17:18:44 GMT
Connection: keep-alive
ss.mndsrv.com/native.js
199.241.100.27200 OK 66 kB IP 199.241.100.27:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fce70ccce4ac67a87b50de41d949c2f4
1f13180652ddb34d29d3b27dc41adbf7f723b07d
3b116c6056882b9061261a310b9cdc51ab40ebd9b826142cb11cad80dc26b7d4
GET /native.js HTTP/1.1
Host: ss.mndsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 30 Jan 2023 17:18:44 GMT
Content-Type: application/javascript
Content-Length: 66289
Last-Modified: Thu, 12 Jan 2023 09:43:43 GMT
Connection: keep-alive
ETag: "63bfd64f-102f1"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e96ad13d4d063a7a108f9b83c855c669
8c28af02c3e0a4932a3787446f3c418941a4521b
0e337ea1048f9cfffd10651c3ddc866e6b1f0ade96c5ed7999dc57bf55a127e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E337EA1048F9CFFFD10651C3DDC866E6B1F0ADE96C5ED7999DC57BF55A127E4"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21566
Expires: Mon, 30 Jan 2023 23:18:11 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
conductiveruthless.com/b2e187dc6e46317b557fede7e3b89961/invoke.js
173.233.139.164200 OK 9.3 kB URL HTTP/1.1 conductiveruthless.com/b2e187dc6e46317b557fede7e3b89961/invoke.js
IP 173.233.139.164:0
File type Unicode text, UTF-8 text, with very long lines (25082), with no line terminators
Hash ca836fffa59a9c324fa4119de132d26e
a48bc4bc45e5bf9f265fa740b48ce561a185dcf1
f1d83d2f583a975d9969278eac1feacf7e21e76af71ac845948b8e7805d941d1
Analyzer Verdict Alert quad9 Sinkholed
GET /b2e187dc6e46317b557fede7e3b89961/invoke.js HTTP/1.1
Host: conductiveruthless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 873d332d22aebf76c6e3fb666d45427f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
conductiveruthless.com/77/f9/4e/77f94effa27aef96eaf53ca64626b8a7.js
173.233.139.164200 OK 21 kB URL HTTP/1.1 conductiveruthless.com/77/f9/4e/77f94effa27aef96eaf53ca64626b8a7.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60134), with no line terminators
Hash a1d39ede0184ed1bfb498e344433c01e
c77b9c4a5c043f75a9389c8e4ddc4c671a369800
ac2d61c354ead137eb942f29d2088d39ade343069e8f29e794e1ec05b3709d74
Analyzer Verdict Alert quad9 Sinkholed
GET /77/f9/4e/77f94effa27aef96eaf53ca64626b8a7.js HTTP/1.1
Host: conductiveruthless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6b67499b08196e5a6a8c6ca67f82eaf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.popcash.net/img/affiliate/300x250.jpg
151.139.128.10200 OK 45 kB URL HTTP/2 static.popcash.net/img/affiliate/300x250.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x250, components 3\012- data
Hash b381dbe9409b7abe79b358518b8ccd9c
92000897948603aa0778fef79da32cb63a2f8649
852951fbcd432106e5d6f59a97d8f122be618fe79036f7df5afbc8b2b4c16678
GET /img/affiliate/300x250.jpg HTTP/1.1
Host: static.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:45 GMT
content-length: 44843
content-type: image/jpeg
last-modified: Wed, 02 Nov 2022 15:56:00 GMT
accept-ranges: bytes
etag: "63629310-af2b"
cache-control: max-age=2592000, public
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqdJP299WiEMhBqhlazZozOTSI3QKyIMXU16ouAxxDZ8r9ogpIQTWB1u35IXOdunp0TZOhNgVI4vOeY9iRmtPKk4bXtDND9FPzcpEHRXNgZ1BgkCy3IjO9Zc21G9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 766198153dd90eac-AMS
x-hw: 1675099125.cds205.sk1.hn,1675099125.cds230.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 84ce8285280f40682210368ce53ec9ad
9776a0693f3cabb50fcc62b76f2f854c79b644de
474dcf98b5421fb95a01172e7f5cf3e4754a81da59ac19a67372f68b769538da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1279
Cache-Control: max-age=140595
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:45 GMT
Etag: "63d77929-117"
Expires: Wed, 01 Feb 2023 08:22:00 GMT
Last-Modified: Mon, 30 Jan 2023 08:00:41 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb05fe72cd5bb1f041e10afad86f98d3
c8a06f10b1c2e41a3bfb20037ee9535cc385c4d4
1b2bf7915ff10a3294887f50f050ef0125fa3e90d3e932322e5bba01c26d03c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B2BF7915FF10A3294887F50F050EF0125FA3E90D3E932322E5BBA01C26D03C1"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10513
Expires: Mon, 30 Jan 2023 20:13:58 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20724, version 1.0\012- data
Hash 43c849ea0258ce0d23a480e840881f16
5222f2283ff9eed9c05025b15dcca453a43cb8c3
b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a
GET /s/raleway/v14/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:12:11 GMT
expires: Sat, 27 Jan 2024 02:12:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jul 2019 03:48:13 GMT
content-type: font/woff2
age: 313594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash faf1d8a7f1edd1251b55117f41d77161
7e6b55f7968cc7381b7aa4deeed12d2692f135a2
8c27b658d2267f2dd6d138e17751edaec11d04c9e0f6015212dd92fb583533bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 17:18:45 GMT
Last-Modified: Mon, 30 Jan 2023 15:42:24 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: at3hu1wijPxz-HeWgITMrUdwt0Gunq1fXpraAbqzIDNfX4W7XqCwnw==
Age: 5781
conductiveruthless.com/c48b4867467ec42f813fbe19f1d4db74/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 conductiveruthless.com/c48b4867467ec42f813fbe19f1d4db74/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26955), with no line terminators
Hash 910aece110d3b3c507825e41b6116fed
bfeccd5a9f3ebb8dac488d1fc41e7f1df457678f
4af5e5158653ea5bb14bb3a49dd886fc770003fed45f8ceead3caf9758ddedd0
Analyzer Verdict Alert quad9 Sinkholed
GET /c48b4867467ec42f813fbe19f1d4db74/invoke.js HTTP/1.1
Host: conductiveruthless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: db3490ac24b893fa40edd4173c99194e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 873df3df427e7358b04fc18cca7055a1
bea56cc0e575cfeac0cf3f5cccc73761ceb3342c
641ad1c934a1297ecc5b11930cba4177f48b8683b95ffb3b86197b16629090b8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "641AD1C934A1297ECC5B11930CBA4177F48B8683B95FFB3B86197B16629090B8"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3091
Expires: Mon, 30 Jan 2023 18:10:16 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 626254d9675232dda3a82678858d6612
ea477e1a243fd054da43dd692178b9a60d19524d
08df24fd92e17aece75e03d014223d4672c8d45d009006637ce91515a676991d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.kfap.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1; expires=Thu, 27 Jan 2033 17:18:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 626254d9675232dda3a82678858d6612
ea477e1a243fd054da43dd692178b9a60d19524d
08df24fd92e17aece75e03d014223d4672c8d45d009006637ce91515a676991d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Cookie: uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.kfap.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v14/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v14/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21612, version 1.0\012- data
Hash 9d182d98e01325f30dee06e58c385c1a
ec506d7dd541ff5da02d4977008901943d93d1be
a7234159c958ef1e0d13bcd8b858876d3ac1a99bc7e8165559fd528adfccbb6b
GET /s/raleway/v14/1Ptsg8zYS_SKggPNyCg4TYFq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21612
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 03:12:24 GMT
expires: Sat, 27 Jan 2024 03:12:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jul 2019 03:47:53 GMT
content-type: font/woff2
age: 309981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPAA.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPAA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20864, version 1.0\012- data
Hash 77d77f36bed0a452984832f6b5f22e3f
787b42ec8f4a44925270d81a9fdeda0ba69ba707
0a654aef5d8378e00c1a8a8e6876a8e4246b41cf46a3cabf1bf495617ca4086e
GET /s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPAA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:12:11 GMT
expires: Sat, 27 Jan 2024 02:12:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jul 2019 03:47:36 GMT
content-type: font/woff2
age: 313594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tragicbeyond.com/pixel/purst?dl=0&th=0&sc=0&rs=2030&rd=2030&fd=960&bv=22.10.v.9&tmpl=70
173.233.139.164200 OK 0 B URL HTTP/1.1 tragicbeyond.com/pixel/purst?dl=0&th=0&sc=0&rs=2030&rd=2030&fd=960&bv=22.10.v.9&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2030&rd=2030&fd=960&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: tragicbeyond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:45 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPAA.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPAA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20872, version 1.0\012- data
Hash 911d926608ce81ca8d62e74b7d09d276
e0ff54366f03e110e51c2850db6eac72dc4f25fe
7e088dcc1b0435ae26460f199b7362c41f885a5ec9ff8efc17d7e12ed053c123
GET /s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPAA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 00:35:38 GMT
expires: Fri, 26 Jan 2024 00:35:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jul 2019 03:47:40 GMT
content-type: font/woff2
age: 405787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6753
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6753
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6753
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21164, version 1.0\012- data
Hash 6a9b9c422e662a18013ee064fd789213
dbd7535cca2552efef08a77d11956652cc09bcd8
ccffda12d4002d59565466849044e53ff6734de84baa233f12a725662d8f8681
GET /s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:59:15 GMT
expires: Wed, 24 Jan 2024 18:59:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jul 2019 03:47:45 GMT
content-type: font/woff2
age: 512370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6753
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6753
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 69558
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49217359c92d868bd323026ad8f9de84
ddcd238b4e2060bd3a118a7558d2770b57aef42e
da8457727e90f93e253d3e04f07c8b8780cde4f6c49ee78dbaa35a5f0e21ecde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA8457727E90F93E253D3E04F07C8B8780CDE4F6C49EE78DBAA35A5F0E21ECDE"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2884
Expires: Mon, 30 Jan 2023 18:06:49 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 68988
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 68328
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 70043
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HvqpQI-tR9W2NwvIgoi8loQaD--rOgVYFdLdkdlaXMhe4ts9mYqahg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:50:16 GMT
age: 70109
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 05:47:49 GMT
age: 41456
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
conductiveruthless.com/79225122e38676a1103bf1827409b014/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 conductiveruthless.com/79225122e38676a1103bf1827409b014/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash 242e483fd9aa0e8f91be0391e5cad73b
fc296fadd4eba2b8f78c67839282dfa0f04dd8cd
883579626cc1fe5da94d88aae5fa03997b3cb0786959c69446e0bd10cece59e0
Analyzer Verdict Alert quad9 Sinkholed
GET /79225122e38676a1103bf1827409b014/invoke.js HTTP/1.1
Host: conductiveruthless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9ac47743e666237c7fda1116882ac23e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mega.nz/embed/6kUiECZB
31.216.145.5200 OK 801 B IP 31.216.145.5:0
ASN #203055 Datacenter Luxembourg S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ac54b97d0018eeb8dbc68d7187a18244
d12df8e2a63a1c55e0b4a1fa44d6802805f171cc
a13d6d4b63e13b66763f0bd7ab0e18530b589fbab8aef5bd4e828ad58932ff26
GET /embed/6kUiECZB HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
Content-Length: 801
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Robots-Tag: noindex
Set-Cookie: geoip=NO
Content-Security-Policy: default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.co.nz http://*.mega.nz http://*.mega.io wss://*.karere.mega.nz wss://*.sfu.mega.co.nz *.karere.mega.nz:1380 http://127.0.0.1:6341 localhost.megasyncloopback.mega.nz:6342; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob:; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz
Connection: Keep-Alive
conductiveruthless.com/50d808ce51dccbb6fdefbc0962ab74fd/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 conductiveruthless.com/50d808ce51dccbb6fdefbc0962ab74fd/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 8d34308964e23f3032d41b2c7360f184
6aa35f2832a5b754f1dc2f040354330b2ad5f9e9
02cc2f12f778d7c2a4c1f368cddbcaf053bb31c51fbf1c96619e585e2b057967
Analyzer Verdict Alert quad9 Sinkholed
GET /50d808ce51dccbb6fdefbc0962ab74fd/invoke.js HTTP/1.1
Host: conductiveruthless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 649cb2be65245b6d7cc8ba90487c8ba0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mega.nz/secureboot.js?r=1674788062
31.216.145.5200 OK 67 kB URL HTTP/1.1 mega.nz/secureboot.js?r=1674788062
IP 31.216.145.5:0
ASN #203055 Datacenter Luxembourg S.A.
File type Unicode text, UTF-8 text, with very long lines (22407)
Hash 16a5c8469056072ab6dd56aff86df734
2da82a73db05460abfdaa23892f0cb786d2fcbd3
cd6c3c18580bac46c01f1e977ae8740ae729ddef6bd01c28ab7a1f6c11b2c4b8
GET /secureboot.js?r=1674788062 HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/embed/6kUiECZB
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 67116
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df9cc0fd50ca39b958de0dd798913a87
4e8a968fe32696512dbb701284f9b41de998e9ce
d4ed7b33cfffddec99ed92ba347802bb5b29a71f7874a847a125fe78bba854e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4ED7B33CFFFDDEC99ED92BA347802BB5B29A71F7874A847A125FE78BBA854E3"
Last-Modified: Sat, 28 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10541
Expires: Mon, 30 Jan 2023 20:14:26 GMT
Date: Mon, 30 Jan 2023 17:18:45 GMT
Connection: keep-alive
conductiveruthless.com/50d808ce51dccbb6fdefbc0962ab74fd/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 conductiveruthless.com/50d808ce51dccbb6fdefbc0962ab74fd/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26937), with no line terminators
Hash 3d408c5f439a5dd84a6476fb1711dd0e
c0175d1bf37bd52e489272541ce64229e424745f
65c6c60aa659ce9452057c3c6902b594d48a581ebf2013041a5c0a0247f7b1f9
Analyzer Verdict Alert quad9 Sinkholed
GET /50d808ce51dccbb6fdefbc0962ab74fd/invoke.js HTTP/1.1
Host: conductiveruthless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e16050ed06f044383a8dd4ff69d0ee2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
95.211.229.248200 OK 1.2 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1567), with no line terminators
Hash 7d3a3ec0ecb3dc6aa752a1dbed1dcc40
09e2dc8ee55226e18f50e302b5522717cc7d72ca
913bc49679991aa18fb2b71984f132e36c1f9a9d35b1c2666420de12e327b3ba
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 326
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d7fbf5dd1832.984889964029074208%22%3B%7D; expires=Wed, 29-Jan-2025 17:18:46 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3803a864a63b1022b46d565f7b6dc7db
d780b8cae2607e4f25ce07cf6ebeb3733abfa41e
b2290676bd328bf19e2373fd925210730137481074d035928acf3c60ac37d67c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2290676BD328BF19E2373FD925210730137481074D035928ACF3C60AC37D67C"
Last-Modified: Sun, 29 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4987
Expires: Mon, 30 Jan 2023 18:41:53 GMT
Date: Mon, 30 Jan 2023 17:18:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7116d047a7e7b657292329fdafaf3b0e
870345c408952e65de9bb085c3cc8c8f42f6e891
468f1bec650ee4e60872c1d1eed92422f7551912e7e3c48e63d4d9dde252efb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "468F1BEC650EE4E60872C1D1EED92422F7551912E7E3C48E63D4D9DDE252EFB0"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3604
Expires: Mon, 30 Jan 2023 18:18:50 GMT
Date: Mon, 30 Jan 2023 17:18:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d1ae6420f7922f374605c69fed591055
a486efa8314ea9d9fb96545e3996fb8e2318fb2a
3c31bef9e64387a39e7e226b9bb245aeafbcc2f334ea644198f45557bdc46001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C31BEF9E64387A39E7E226B9BB245AEAFBCC2F334EA644198F45557BDC46001"
Last-Modified: Mon, 30 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10124
Expires: Mon, 30 Jan 2023 20:07:30 GMT
Date: Mon, 30 Jan 2023 17:18:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
landings-cdn.adsterratech.com/referralBanners/png/300%20x%20250%20px.png
142.0.204.220200 OK 90 kB URL HTTP/1.1 landings-cdn.adsterratech.com/referralBanners/png/300%20x%20250%20px.png
IP 142.0.204.220:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash a28902cd41b26954be2c97eea41089a1
c69d00be80adbcba05b788d2dcf7967d0d15a65f
5b4fa649af59a8350f401a661a5ecfed92130aa0aa9825ac3777c2a893a96e61
GET /referralBanners/png/300%20x%20250%20px.png HTTP/1.1
Host: landings-cdn.adsterratech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 30 Jan 2023 17:18:45 GMT
Content-Type: image/png
Content-Length: 90409
Last-Modified: Wed, 02 Feb 2022 00:50:11 GMT
Connection: keep-alive
ETag: "61f9d543-16129"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes
prototypewailrubber.com/watch.581194220772.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 prototypewailrubber.com/watch.581194220772.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.581194220772.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1 HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Location: https://prototypewailrubber.com/watch.581194220772.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=9fec6ec16ac925a40193f5b873cc88ea8ab3902c1a5f49834fb9fbafa1fa42445edfee117241fc7cb93032c66da07cf8387230e14f50f110df43e20c62c6d0167b637c8a06cb44f54e494cbc0598680ec46aab29&pst=1675099186&rmtc=t
Set-Cookie: u_pl=18260689; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2MDY4OSwiayI6ImM0OGI0ODY3NDY3ZWM0MmY4MTNmYmUxOWYxZDRkYjc0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6MjMsInB0Ijo0LCJwayI6ImVqemtyYTd5aDIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.xspGULzKg3m3MQhjC_Iu0rHTfo7Z0MpnBCP9gH9yfcQ; expires=Mon, 30 Jan 2023 17:19:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25a2aa40c63fffdcd3e8e89debf5c6e5
Strict-Transport-Security: max-age=0; includeSubdomains
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OQW4DMQj8Sj+wFmDAkHN7baRUeYA3671UaiOlh03F4+N1FanMgREwwxBQngCnDC9IB7QDazgmh8SUUDjej6dgjM+1XtPP9zWYFMSD1bJLuBJnDi6kghQC1rkVKRrFHFxLH0DkgA6SzLyzBAheqLgJsaqGQZw/XuPtfApMYCzPRpEBNhIIHEl2M+4ctt1QWtVSqjtVXXVuGdGJ6yLLah27CP6Sb/ffEWE8L+x9Q89Bx4Sj9YIYrN7uX5eIfyfj3xBpsO3WMa+g1rjgxZeqWedMjXJbWrMKtOgD0X9OP1wBAAA=
95.211.229.248200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OQW4DMQj8Sj+wFmDAkHN7baRUeYA3671UaiOlh03F4+N1FanMgREwwxBQngCnDC9IB7QDazgmh8SUUDjej6dgjM+1XtPP9zWYFMSD1bJLuBJnDi6kghQC1rkVKRrFHFxLH0DkgA6SzLyzBAheqLgJsaqGQZw/XuPtfApMYCzPRpEBNhIIHEl2M+4ctt1QWtVSqjtVXXVuGdGJ6yLLah27CP6Sb/ffEWE8L+x9Q89Bx4Sj9YIYrN7uX5eIfyfj3xBpsO3WMa+g1rjgxZeqWedMjXJbWrMKtOgD0X9OP1wBAAA=
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OQW4DMQj8Sj+wFmDAkHN7baRUeYA3671UaiOlh03F4+N1FanMgREwwxBQngCnDC9IB7QDazgmh8SUUDjej6dgjM+1XtPP9zWYFMSD1bJLuBJnDi6kghQC1rkVKRrFHFxLH0DkgA6SzLyzBAheqLgJsaqGQZw/XuPtfApMYCzPRpEBNhIIHEl2M+4ctt1QWtVSqjtVXXVuGdGJ6yLLah27CP6Sb/ffEWE8L+x9Q89Bx4Sj9YIYrN7uX5eIfyfj3xBpsO3WMa+g1rjgxZeqWedMjXJbWrMKtOgD0X9OP1wBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d7fbf5dd1832.984889964029074208%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Wed, 29 Jan 2025 17:18:46 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
216.58.207.228200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 216.58.207.228:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash dc0970ee345b90a14d79327dc20bf48c
ef64af0b9aa38731125da81bbd3aa5247d30da7d
37b0c4b55ed83ab6e05003db8b0c4814ea0f92100727929af3407e535d1c8a10
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 30 Jan 2023 17:18:46 GMT
date: Mon, 30 Jan 2023 17:18:46 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
conductiveruthless.com/c48b4867467ec42f813fbe19f1d4db74/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 conductiveruthless.com/c48b4867467ec42f813fbe19f1d4db74/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash 242e483fd9aa0e8f91be0391e5cad73b
fc296fadd4eba2b8f78c67839282dfa0f04dd8cd
883579626cc1fe5da94d88aae5fa03997b3cb0786959c69446e0bd10cece59e0
Analyzer Verdict Alert quad9 Sinkholed
GET /c48b4867467ec42f813fbe19f1d4db74/invoke.js HTTP/1.1
Host: conductiveruthless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8dabae4fc268f5f1ecc516f67f61acb4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
equitydefault.com/watch.1140539320679.js?key=79225122e38676a1103bf1827409b014&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 equitydefault.com/watch.1140539320679.js?key=79225122e38676a1103bf1827409b014&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1140539320679.js?key=79225122e38676a1103bf1827409b014&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1 HTTP/1.1
Host: equitydefault.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Location: https://equitydefault.com/watch.1140539320679.js?key=79225122e38676a1103bf1827409b014&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=7a9f5908ba37cb4818005292a3e07592f0235d36ae915ee04535467d5cf036bcb76309d456a889ebd795240ec861993f58f2d1ffe165e561530615ddeb6bf696cc6a2e52ed7602c2ae37e37ec202f302197f5340&pst=1675099186&rmtc=t
Set-Cookie: u_pl=18264661; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2NDY2MSwiayI6Ijc5MjI1MTIyZTM4Njc2YTExMDNiZjE4Mjc0MDliMDE0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6MjcsInB0Ijo0LCJwayI6Inp4dTdramRxNTIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.26chEKcGUFaK1k4SOzxp_FqpfyCdRzOWCVHnV5ibD-4; expires=Mon, 30 Jan 2023 17:19:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4019c4c493ab9cc17260b324371c8e2e
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
photos.hancinema.net/photos/photo1601704.jpg
104.26.1.212200 OK 91 kB URL HTTP/2 photos.hancinema.net/photos/photo1601704.jpg
IP 104.26.1.212:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 740x924, components 3\012- data
Hash d392e14098c5fc88a2d5dd1131e4f3d2
f61c7c89681b3463f82136f82d69a0e7586f865c
72375854063ab39e7227705ce05c6b218c28ac4683e539dd84c2ad6792d985f8
GET /photos/photo1601704.jpg HTTP/1.1
Host: photos.hancinema.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: image/jpeg
content-length: 91426
last-modified: Wed, 21 Dec 2022 00:18:56 GMT
etag: "187b2b8-16522-5f04b7f8a4dcd"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hc1x5hGoBkTKyUOK%2B4h04ZiP9AvYLP0JY4lUKSwd3DgO0uVT%2F2Mk3pVT40oSNAYK6SV6RsYcKAxmSOFMIvc%2F6URw04ec2Azj3Rs5jKs%2Bu94rzlINkJsvCOfwxsMtf6KM8%2BiA9q%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde5dfff6b511-OSL
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/426059/6713c027f236b41790e5e0adf5ac7b536cbfb829.mp4
185.76.9.25206 Partial Content 96 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/426059/6713c027f236b41790e5e0adf5ac7b536cbfb829.mp4
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash af264f0c9548b824bf80410b52e5ed3f
6713c027f236b41790e5e0adf5ac7b536cbfb829
56e886a2f303c13e1e2454c7af505bf3af735c5905fd148c87e61454c498d718
GET /library/426059/6713c027f236b41790e5e0adf5ac7b536cbfb829.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: video/mp4
content-length: 96230
last-modified: Mon, 30 Jan 2023 15:02:27 GMT
etag: "63d7dc03-177e6"
expires: Tue, 30 Jan 2024 16:30:09 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1706632209
server: CDN77-Turbo
x-77-nzt: AblMCRRKhxH/ZQsAAA
x-77-nzt-ray: af5856307510c14bf6fbd7639a9b0e10
x-cache: HIT
x-age: 2917
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-96229/96230
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 282 B IP 172.64.155.188:0
Hash e119d7423c0340b94e79d216c8d6f438
10b2f30c47e53248b379b43ccc4d59d45287f669
2ee7dc751c71243e832cfb2adcc5679d11be0b85318296785bc07f7fe23570c9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 16:43:13 GMT
Expires: Sun, 05 Feb 2023 16:43:12 GMT
Etag: "10b2f30c47e53248b379b43ccc4d59d45287f669"
Cache-Control: max-age=515665,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bde632e000b31-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 282 B IP 172.64.155.188:0
Hash e119d7423c0340b94e79d216c8d6f438
10b2f30c47e53248b379b43ccc4d59d45287f669
2ee7dc751c71243e832cfb2adcc5679d11be0b85318296785bc07f7fe23570c9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 16:43:13 GMT
Expires: Sun, 05 Feb 2023 16:43:12 GMT
Etag: "10b2f30c47e53248b379b43ccc4d59d45287f669"
Cache-Control: max-age=515665,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bde62582d0b55-OSL
naveljutmistress.com/watch.1236564721806.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
173.233.137.60307 Temporary Redirect 0 B URL HTTP/1.1 naveljutmistress.com/watch.1236564721806.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1236564721806.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Location: https://naveljutmistress.com/watch.1236564721806.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=cb438ec3ae566adc69f97cfec7d0fb7a9dc5e72324370f76912f4e8e0d0bc3ca22e06686bd7d4c60995a2d7c3a86fb2f6c6c143aa732e7fc4406d784eb08b3e3f7732291a1bb49a654894597b1fa3cb19458fd75309c60166c8fdec27ad426bb586203&pst=1675099186&rmtc=t
Set-Cookie: u_pl=18260767; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2MDc2NywiayI6IjUwZDgwOGNlNTFkY2NiYjZmZGVmYmMwOTYyYWI3NGZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6NSwicHQiOjQsInBrIjoiaXM0dnE5M3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.EwAs-dbGzGiy4giXg9C_tq2f0WgWawujvTBej51WebI; expires=Mon, 30 Jan 2023 17:19:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00b713acd1e7cc98466002fedeb63d60
Strict-Transport-Security: max-age=0; includeSubdomains
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 552
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prototypewailrubber.com/watch.581194220772.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=9fec6ec16ac925a40193f5b873cc88ea8ab3902c1a5f49834fb9fbafa1fa42445edfee117241fc7cb93032c66da07cf8387230e14f50f110df43e20c62c6d0167b637c8a06cb44f54e494cbc0598680ec46aab29&pst=1675099186&rmtc=t
192.243.59.20200 OK 2.4 kB URL HTTP/1.1 prototypewailrubber.com/watch.581194220772.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=9fec6ec16ac925a40193f5b873cc88ea8ab3902c1a5f49834fb9fbafa1fa42445edfee117241fc7cb93032c66da07cf8387230e14f50f110df43e20c62c6d0167b637c8a06cb44f54e494cbc0598680ec46aab29&pst=1675099186&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (3108)
Hash 9bc8f0c58ed452545bed5b68de94ea96
6b31314429092e8305cb0fb6358dd37cd2661d92
7d1e76ad955e1a2bb09debbf1006e4183ff7c3dac35d4cf41a3df82a6e4553c4
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.581194220772.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=9fec6ec16ac925a40193f5b873cc88ea8ab3902c1a5f49834fb9fbafa1fa42445edfee117241fc7cb93032c66da07cf8387230e14f50f110df43e20c62c6d0167b637c8a06cb44f54e494cbc0598680ec46aab29&pst=1675099186&rmtc=t HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Referer: https://www.kfap.xyz/
Connection: keep-alive
Cookie: u_pl=18260689; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2MDY4OSwiayI6ImM0OGI0ODY3NDY3ZWM0MmY4MTNmYmUxOWYxZDRkYjc0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6MjMsInB0Ijo0LCJwayI6ImVqemtyYTd5aDIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.xspGULzKg3m3MQhjC_Iu0rHTfo7Z0MpnBCP9gH9yfcQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1; expires=Mon, 06 Feb 2023 17:18:46 GMT; secure; SameSite=None
iprc9a02579262a16cd5d8537e98aa76b453=2060096; expires=Mon, 13 Feb 2023 17:18:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uncs=1; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16d3ae8190667310cf15cfdd8242b36e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hopefullyapricot.com/ntv.json?key=b2e187dc6e46317b557fede7e3b89961&vstc=4&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D
173.233.137.36200 OK 18 kB URL HTTP/1.1 hopefullyapricot.com/ntv.json?key=b2e187dc6e46317b557fede7e3b89961&vstc=4&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D
IP 173.233.137.36:0
File type JSON data\012- , ASCII text, with very long lines (17642), with no line terminators
Hash d2c799bfdd4940cba8781ad13094eab7
d17e770cc556437c63cd9c80772549e0038d32ec
9c07a0717cf8e223f575bb63764a774c68ae2da5887413e4e1648a3e378fd2f9
GET /ntv.json?key=b2e187dc6e46317b557fede7e3b89961&vstc=4&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: application/json
Content-Length: 17642
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18260748; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1; expires=Mon, 06 Feb 2023 17:18:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uncs=1; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
nlecb2e187dc6e46317b557fede7e3b89961=[2229337,2229333,2229329,2019380]; expires=Mon, 30 Jan 2023 17:18:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a6af19b2473425c104ca3c1459b29a7
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab7c061327e6055c81b5adb4534503e3
e7881809f7bc9e808ebaffb0bf5d74515d3c4798
cace1a6a8ec55404139c82ce8310c6df4f59d6363738167f4e49fe4910086875
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACE1A6A8EC55404139C82CE8310C6DF4F59D6363738167F4E49FE4910086875"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10572
Expires: Mon, 30 Jan 2023 20:14:58 GMT
Date: Mon, 30 Jan 2023 17:18:46 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 34ac79d665fc05637c29a3fc95a8677d
4ecf9f19549d02b7c7e8bbad9a253ae55fe32ea3
880a16cdfb41d14afd57ac57841c38e981dc694baf26493b93e2ddce16b7122d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:03:25 GMT
Expires: Sat, 04 Feb 2023 01:03:24 GMT
Etag: "4ecf9f19549d02b7c7e8bbad9a253ae55fe32ea3"
Cache-Control: max-age=372877,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bde639834b523-OSL
equitydefault.com/watch.1244023384076.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 equitydefault.com/watch.1244023384076.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1244023384076.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1 HTTP/1.1
Host: equitydefault.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Cookie: u_pl=18264661; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2NDY2MSwiayI6Ijc5MjI1MTIyZTM4Njc2YTExMDNiZjE4Mjc0MDliMDE0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6MjcsInB0Ijo0LCJwayI6Inp4dTdramRxNTIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.26chEKcGUFaK1k4SOzxp_FqpfyCdRzOWCVHnV5ibD-4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Location: https://equitydefault.com/watch.1244023384076.js?key=c48b4867467ec42f813fbe19f1d4db74&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=5aa3ffa03fac17756d981cc6acad09979a381d9bb20273bbb518cff9421c219ef00f948e997866ca3038d91ecd08cf09c093450c4a148546daab8f237fb16c33d9e744339bb16fbc451b5e1a3eafefd18f89b1&pst=1675099186&rmtc=t
Set-Cookie: u_pl=18264661,18260689; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2MDY4OSwiayI6ImM0OGI0ODY3NDY3ZWM0MmY4MTNmYmUxOWYxZDRkYjc0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6MjMsInB0Ijo0LCJwayI6ImVqemtyYTd5aDIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.xspGULzKg3m3MQhjC_Iu0rHTfo7Z0MpnBCP9gH9yfcQ; expires=Mon, 30 Jan 2023 17:19:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c962449d68d212219aebc1770be2aa9b
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 34ac79d665fc05637c29a3fc95a8677d
4ecf9f19549d02b7c7e8bbad9a253ae55fe32ea3
880a16cdfb41d14afd57ac57841c38e981dc694baf26493b93e2ddce16b7122d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:03:25 GMT
Expires: Sat, 04 Feb 2023 01:03:24 GMT
Etag: "4ecf9f19549d02b7c7e8bbad9a253ae55fe32ea3"
Cache-Control: max-age=372877,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bde638e5c0b31-OSL
mega.nz/embed/6kUiECZB
31.216.145.5200 OK 801 B IP 31.216.145.5:0
ASN #203055 Datacenter Luxembourg S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ac54b97d0018eeb8dbc68d7187a18244
d12df8e2a63a1c55e0b4a1fa44d6802805f171cc
a13d6d4b63e13b66763f0bd7ab0e18530b589fbab8aef5bd4e828ad58932ff26
GET /embed/6kUiECZB HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
Content-Length: 801
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Robots-Tag: noindex
Set-Cookie: geoip=NO
Content-Security-Policy: default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.co.nz http://*.mega.nz http://*.mega.io wss://*.karere.mega.nz wss://*.sfu.mega.co.nz *.karere.mega.nz:1380 http://127.0.0.1:6341 localhost.megasyncloopback.mega.nz:6342; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob:; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz
Connection: Keep-Alive
solemnvine.com/watch.543703733498.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 solemnvine.com/watch.543703733498.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.543703733498.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1 HTTP/1.1
Host: solemnvine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Location: https://solemnvine.com/watch.543703733498.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=05e77516833c87c51651f91e9ae695a79ca3ac4f86c8a186d6df36b2b719298257a074bbb5061fa0664662fcf7f4362e2e330a59554fcdccad1c113e357f13177a171ad97fe45d4b614c6095fccdca2c8b3665a8eb8927d8af9a4511fd8f3e&pst=1675099186&rmtc=t
Set-Cookie: u_pl=18260767; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2MDc2NywiayI6IjUwZDgwOGNlNTFkY2NiYjZmZGVmYmMwOTYyYWI3NGZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6NSwicHQiOjQsInBrIjoiaXM0dnE5M3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.EwAs-dbGzGiy4giXg9C_tq2f0WgWawujvTBej51WebI; expires=Mon, 30 Jan 2023 17:19:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 629050835e788fe148f3c1422062b6c3
Strict-Transport-Security: max-age=0; includeSubdomains
mega.nz/secureboot.js?r=1674788062
31.216.145.5200 OK 67 kB URL HTTP/1.1 mega.nz/secureboot.js?r=1674788062
IP 31.216.145.5:0
ASN #203055 Datacenter Luxembourg S.A.
File type Unicode text, UTF-8 text, with very long lines (22407)
Hash 16a5c8469056072ab6dd56aff86df734
2da82a73db05460abfdaa23892f0cb786d2fcbd3
cd6c3c18580bac46c01f1e977ae8740ae729ddef6bd01c28ab7a1f6c11b2c4b8
GET /secureboot.js?r=1674788062 HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/embed/6kUiECZB
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 67116
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
equitydefault.com/watch.1140539320679.js?key=79225122e38676a1103bf1827409b014&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=7a9f5908ba37cb4818005292a3e07592f0235d36ae915ee04535467d5cf036bcb76309d456a889ebd795240ec861993f58f2d1ffe165e561530615ddeb6bf696cc6a2e52ed7602c2ae37e37ec202f302197f5340&pst=1675099186&rmtc=t
192.243.61.225200 OK 634 B URL HTTP/1.1 equitydefault.com/watch.1140539320679.js?key=79225122e38676a1103bf1827409b014&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=7a9f5908ba37cb4818005292a3e07592f0235d36ae915ee04535467d5cf036bcb76309d456a889ebd795240ec861993f58f2d1ffe165e561530615ddeb6bf696cc6a2e52ed7602c2ae37e37ec202f302197f5340&pst=1675099186&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash 38dbf52f78b6bfdf377181718770f69f
21bb2eac05aebec7b18a4cbd473a920ab1b3827e
f3c419b3b6cabc768af928815b69f54bef598221282994744b41a13036b8a781
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1140539320679.js?key=79225122e38676a1103bf1827409b014&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=7a9f5908ba37cb4818005292a3e07592f0235d36ae915ee04535467d5cf036bcb76309d456a889ebd795240ec861993f58f2d1ffe165e561530615ddeb6bf696cc6a2e52ed7602c2ae37e37ec202f302197f5340&pst=1675099186&rmtc=t HTTP/1.1
Host: equitydefault.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Referer: https://www.kfap.xyz/
Connection: keep-alive
Cookie: u_pl=18264661,18260689; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2MDY4OSwiayI6ImM0OGI0ODY3NDY3ZWM0MmY4MTNmYmUxOWYxZDRkYjc0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6MjMsInB0Ijo0LCJwayI6ImVqemtyYTd5aDIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.xspGULzKg3m3MQhjC_Iu0rHTfo7Z0MpnBCP9gH9yfcQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1; expires=Mon, 06 Feb 2023 17:18:46 GMT; secure; SameSite=None
iprc206672f561bc9e4ebc012b045581ba9d=2004370; expires=Tue, 31 Jan 2023 19:18:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uncs=1; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c76d4516ef45575df4ed71e1c10b619d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
solemnvine.com/watch.543703733498.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=05e77516833c87c51651f91e9ae695a79ca3ac4f86c8a186d6df36b2b719298257a074bbb5061fa0664662fcf7f4362e2e330a59554fcdccad1c113e357f13177a171ad97fe45d4b614c6095fccdca2c8b3665a8eb8927d8af9a4511fd8f3e&pst=1675099186&rmtc=t
192.243.59.20200 OK 634 B URL HTTP/1.1 solemnvine.com/watch.543703733498.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=05e77516833c87c51651f91e9ae695a79ca3ac4f86c8a186d6df36b2b719298257a074bbb5061fa0664662fcf7f4362e2e330a59554fcdccad1c113e357f13177a171ad97fe45d4b614c6095fccdca2c8b3665a8eb8927d8af9a4511fd8f3e&pst=1675099186&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash 4dfb5418a945eb422820c1d2502a0bdd
15f03d76fee37a12e471e24b909a931aa544ae8d
437d8805e36160cc1d8734f38ead173367b5ee8b6cb8ff796dec2e9621b50bc9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.543703733498.js?key=50d808ce51dccbb6fdefbc0962ab74fd&kw=%5B%22actress%22%2C%22song%22%2C%22min-kyung%22%2C%22%EC%86%A1%EB%AF%BC%EA%B2%BD%22%2C%22sex%22%2C%22scene%22%2C%22in%22%2C%2210-day%22%2C%22lover%22%2C%222023%22%2C%2210%EC%9D%BC%EA%B0%84%EC%9D%98%22%2C%22%EC%95%A0%EC%9D%B8%22%5D&refer=https%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d%3A3%3A1&shu=05e77516833c87c51651f91e9ae695a79ca3ac4f86c8a186d6df36b2b719298257a074bbb5061fa0664662fcf7f4362e2e330a59554fcdccad1c113e357f13177a171ad97fe45d4b614c6095fccdca2c8b3665a8eb8927d8af9a4511fd8f3e&pst=1675099186&rmtc=t HTTP/1.1
Host: solemnvine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kfap.xyz
Referer: https://www.kfap.xyz/
Connection: keep-alive
Cookie: u_pl=18260767; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI2MDc2NywiayI6IjUwZDgwOGNlNTFkY2NiYjZmZGVmYmMwOTYyYWI3NGZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTk0OTM4LCJwaWQiOjQ4NDE4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIsImFpZCI6NSwicHQiOjQsInBrIjoiaXM0dnE5M3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cua2ZhcC54eXovMjAyMy8wMS9hY3RyZXNzLXNvbmctbWluLWt5dW5nLXNleC1zY2VuZS1pbi0xMC5odG1sP209MSJ9fQ.EwAs-dbGzGiy4giXg9C_tq2f0WgWawujvTBej51WebI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kfap.xyz
Access-Control-Allow-Origin: https://www.kfap.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1; expires=Mon, 06 Feb 2023 17:18:46 GMT; secure; SameSite=None
iprc0d6d7f881e2eec13484ddb8d42c273a5=2004368; expires=Tue, 31 Jan 2023 19:18:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uncs=1; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 31 Jan 2023 17:18:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 046e7d380a705185e8131b2b63a552e9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
acceptable.a-ads.com/1728206
176.9.77.232200 OK 8.2 kB URL HTTP/2 acceptable.a-ads.com/1728206
IP 176.9.77.232:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6851)
Hash 2aab9e9c23658b26896ff62d4782928d
869201f08a377843d83bdb4c02b6080077b89f99
43cc8062ceb15426a4406256a34ce0d034d198d51f6a61b6752e15343759271a
GET /1728206 HTTP/1.1
Host: acceptable.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.kfap.xyz/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lfRvk58LjSK4kTYoKDidququ6W6DBGOMBGNmzB8Gl%2B9f9Ty7ul7xXlVXT4MQDUiWLbhQV9WnZzJRg5gPEJAeQcIgOL0ZZuF8BRdCEN1IdRpa3%2BLee965i3PPvZ%2BNs2PiIqNH6%2B%2FroYoiejaoudVXN1QsdG6rV29UPbfmnqtuqHi1ca46KIPpv%2BG5Qc19rfqu5F191nc91%2FVcr3pJGRnqwdk5C5Xcb3u1tltr%2BDUvaGBg%2Fott5sBSB6J%2FTE5Didn%2FNh89gOJTxL0fLkrbTXXy%2Bju9LKKpNuiL3ZtxN9Z5jN6yDI2DMN5ddEPbGSFfnoCOdxcTQPe3ywnA1Iw4hx5YvLuQCdbfeaKURZAxmPg%2F8v4UMppC0Sm4vg0lDgjABa6uIe7dvapNTreesLRkZ6Ty%2BA%2BofEYqvz2HuPf9hUgNqtd1lKVKxxaDsIAaTKE6UyTZHtKhA5XvgaefQgmCuFdAiaOXfdb2%2FFA2V0IhmiuNtmytUObzFebJMHCZH%2FiBmFuj1BQqnCKSI1B7Epl1kCkHWeggSxz0xFGVBu3QdZshC%2Bv1VoNzXq9zHrRWRSDqjVboIuOl9hHSZAQejcDNLSTmk3ui3pR1xhtjiq76%2FCA4DZP9CLtZwAoHNiXoiwK5JMgtQU4JckWQpwR5v9gRkfVtcVdENmPeIvuLXC8mOu2M6Y5OOzIm4%2BSYPFPa5zw%2FeQpdeVRlvvRaTcFXZWO17jVZEDRDKWSpp9Vur3qwqoCyJ0Ctg6GakZc%2B%2FguJmhHy8AwY3YON9sDVCdDMA80nTd8F3Zw0Wi6G8b1uSJPaYGsIoQskaQXpljOOjskL8xWeqXwIyffP%2F3zqzWRyeArcFEhMgY%2FUTwSd6M7kms7J9jWdW%2FJgLUlVTw1pud7rKU3lyW%2Ffk1u5NuLyRTv65i1eEmV5%2F4a06RUaCxV3LPnughJCmkvacEkeXrYbkq1ndvNCZuIsubL%2B9qXLvcRIa5WOp6DqYO1PcDUjlVeenR%2Fu07%2F8DmWmMFmBXrZPFg9K74Ent2CTpXqrCUy07GGJgzwrJsZny89IEURyiSkrYP%2BF2bIe2zvomApoent%2Brn1ToB8VoNEINjs1SROzf%2F7RV%2BX7GiyqTFhkKtssMtEXc2vLcLMMH8zIi782YNVRVQahG0rXlyxss7BJXdEOG21G255ssoB6SO2MH%2F79%2BB8AAAD%2F%2FwEAAP%2F%2FYxCdMJ8EAAA%3D
173.233.137.36200 OK 4.7 kB URL HTTP/1.1 hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lfRvk58LjSK4kTYoKDidququ6W6DBGOMBGNmzB8Gl%2B9f9Ty7ul7xXlVXT4MQDUiWLbhQV9WnZzJRg5gPEJAeQcIgOL0ZZuF8BRdCEN1IdRpa3%2BLee965i3PPvZ%2BNs2PiIqNH6%2B%2FroYoiejaoudVXN1QsdG6rV29UPbfmnqtuqHi1ca46KIPpv%2BG5Qc19rfqu5F191nc91%2FVcr3pJGRnqwdk5C5Xcb3u1tltr%2BDUvaGBg%2Fott5sBSB6J%2FTE5Didn%2FNh89gOJTxL0fLkrbTXXy%2Bju9LKKpNuiL3ZtxN9Z5jN6yDI2DMN5ddEPbGSFfnoCOdxcTQPe3ywnA1Iw4hx5YvLuQCdbfeaKURZAxmPg%2F8v4UMppC0Sm4vg0lDgjABa6uIe7dvapNTreesLRkZ6Ty%2BA%2BofEYqvz2HuPf9hUgNqtd1lKVKxxaDsIAaTKE6UyTZHtKhA5XvgaefQgmCuFdAiaOXfdb2%2FFA2V0IhmiuNtmytUObzFebJMHCZH%2FiBmFuj1BQqnCKSI1B7Epl1kCkHWeggSxz0xFGVBu3QdZshC%2Bv1VoNzXq9zHrRWRSDqjVboIuOl9hHSZAQejcDNLSTmk3ui3pR1xhtjiq76%2FCA4DZP9CLtZwAoHNiXoiwK5JMgtQU4JckWQpwR5v9gRkfVtcVdENmPeIvuLXC8mOu2M6Y5OOzIm4%2BSYPFPa5zw%2FeQpdeVRlvvRaTcFXZWO17jVZEDRDKWSpp9Vur3qwqoCyJ0Ctg6GakZc%2B%2FguJmhHy8AwY3YON9sDVCdDMA80nTd8F3Zw0Wi6G8b1uSJPaYGsIoQskaQXpljOOjskL8xWeqXwIyffP%2F3zqzWRyeArcFEhMgY%2FUTwSd6M7kms7J9jWdW%2FJgLUlVTw1pud7rKU3lyW%2Ffk1u5NuLyRTv65i1eEmV5%2F4a06RUaCxV3LPnughJCmkvacEkeXrYbkq1ndvNCZuIsubL%2B9qXLvcRIa5WOp6DqYO1PcDUjlVeenR%2Fu07%2F8DmWmMFmBXrZPFg9K74Ent2CTpXqrCUy07GGJgzwrJsZny89IEURyiSkrYP%2BF2bIe2zvomApoent%2Brn1ToB8VoNEINjs1SROzf%2F7RV%2BX7GiyqTFhkKtssMtEXc2vLcLMMH8zIi782YNVRVQahG0rXlyxss7BJXdEOG21G255ssoB6SO2MH%2F79%2BB8AAAD%2F%2FwEAAP%2F%2FYxCdMJ8EAAA%3D
IP 173.233.137.36:0
Hash 253c3f8f8d73c66e38f0dd52e8187e18
0abb389b416ce78ab88c5a507a2efaed942e2c48
5af7bb30bf25db22a99eb486a489340b6965365f3d361149847bed4f51c1ad14
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lfRvk58LjSK4kTYoKDidququ6W6DBGOMBGNmzB8Gl%2B9f9Ty7ul7xXlVXT4MQDUiWLbhQV9WnZzJRg5gPEJAeQcIgOL0ZZuF8BRdCEN1IdRpa3%2BLee965i3PPvZ%2BNs2PiIqNH6%2B%2FroYoiejaoudVXN1QsdG6rV29UPbfmnqtuqHi1ca46KIPpv%2BG5Qc19rfqu5F191nc91%2FVcr3pJGRnqwdk5C5Xcb3u1tltr%2BDUvaGBg%2Fott5sBSB6J%2FTE5Didn%2FNh89gOJTxL0fLkrbTXXy%2Bju9LKKpNuiL3ZtxN9Z5jN6yDI2DMN5ddEPbGSFfnoCOdxcTQPe3ywnA1Iw4hx5YvLuQCdbfeaKURZAxmPg%2F8v4UMppC0Sm4vg0lDgjABa6uIe7dvapNTreesLRkZ6Ty%2BA%2BofEYqvz2HuPf9hUgNqtd1lKVKxxaDsIAaTKE6UyTZHtKhA5XvgaefQgmCuFdAiaOXfdb2%2FFA2V0IhmiuNtmytUObzFebJMHCZH%2FiBmFuj1BQqnCKSI1B7Epl1kCkHWeggSxz0xFGVBu3QdZshC%2Bv1VoNzXq9zHrRWRSDqjVboIuOl9hHSZAQejcDNLSTmk3ui3pR1xhtjiq76%2FCA4DZP9CLtZwAoHNiXoiwK5JMgtQU4JckWQpwR5v9gRkfVtcVdENmPeIvuLXC8mOu2M6Y5OOzIm4%2BSYPFPa5zw%2FeQpdeVRlvvRaTcFXZWO17jVZEDRDKWSpp9Vur3qwqoCyJ0Ctg6GakZc%2B%2FguJmhHy8AwY3YON9sDVCdDMA80nTd8F3Zw0Wi6G8b1uSJPaYGsIoQskaQXpljOOjskL8xWeqXwIyffP%2F3zqzWRyeArcFEhMgY%2FUTwSd6M7kms7J9jWdW%2FJgLUlVTw1pud7rKU3lyW%2Ffk1u5NuLyRTv65i1eEmV5%2F4a06RUaCxV3LPnughJCmkvacEkeXrYbkq1ndvNCZuIsubL%2B9qXLvcRIa5WOp6DqYO1PcDUjlVeenR%2Fu07%2F8DmWmMFmBXrZPFg9K74Ent2CTpXqrCUy07GGJgzwrJsZny89IEURyiSkrYP%2BF2bIe2zvomApoent%2Brn1ToB8VoNEINjs1SROzf%2F7RV%2BX7GiyqTFhkKtssMtEXc2vLcLMMH8zIi782YNVRVQahG0rXlyxss7BJXdEOG21G255ssoB6SO2MH%2F79%2BB8AAAD%2F%2FwEAAP%2F%2FYxCdMJ8EAAA%3D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Cookie: u_pl=18260748; uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:46 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c968195b5640ef0796a1f3be5d42933
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62452129bb8dec065bf82af1cd2325a0
9b32f067ac26364f2cd578bcdd40c50d18fd03d7
0d2f762553a22b9679301179d107a4a8f2e01efd82c6f432a806d4810481a08c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D2F762553A22B9679301179D107A4A8F2E01EFD82C6F432A806D4810481A08C"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12881
Expires: Mon, 30 Jan 2023 20:53:27 GMT
Date: Mon, 30 Jan 2023 17:18:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62452129bb8dec065bf82af1cd2325a0
9b32f067ac26364f2cd578bcdd40c50d18fd03d7
0d2f762553a22b9679301179d107a4a8f2e01efd82c6f432a806d4810481a08c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D2F762553A22B9679301179D107A4A8F2E01EFD82C6F432A806D4810481A08C"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12881
Expires: Mon, 30 Jan 2023 20:53:27 GMT
Date: Mon, 30 Jan 2023 17:18:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62452129bb8dec065bf82af1cd2325a0
9b32f067ac26364f2cd578bcdd40c50d18fd03d7
0d2f762553a22b9679301179d107a4a8f2e01efd82c6f432a806d4810481a08c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D2F762553A22B9679301179D107A4A8F2E01EFD82C6F432A806D4810481A08C"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12881
Expires: Mon, 30 Jan 2023 20:53:27 GMT
Date: Mon, 30 Jan 2023 17:18:46 GMT
Connection: keep-alive
eu.static.mega.co.nz/4/lang/en_88408fa1a05c19e8c42b43be8333283d178bfb9d8e47fd0293817c84b2b404de.json
89.44.169.134200 OK 74 kB URL HTTP/2 eu.static.mega.co.nz/4/lang/en_88408fa1a05c19e8c42b43be8333283d178bfb9d8e47fd0293817c84b2b404de.json
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
Hash adbf36b17e3dbfce1471a4eb9d232575
e7db241b124f39ddedae9e3b357528c3cd0d6891
53c54a537ae013b58965399ad433583c68fbbd4e2f02bc59e3a280f4a4e504ad
GET /4/lang/en_88408fa1a05c19e8c42b43be8333283d178bfb9d8e47fd0293817c84b2b404de.json HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: application/json
content-length: 96522
last-modified: Fri, 27 Jan 2023 03:40:11 GMT
vary: Accept-Encoding
etag: "63d3479b-1790a"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.9200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Wed, 01 Feb 2023 17:18:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Wed, 01 Feb 2023 17:18:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
45.133.44.9200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Wed, 01 Feb 2023 17:18:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
acceptable.a-ads.com/1728206
176.9.77.232200 OK 65 kB URL HTTP/2 acceptable.a-ads.com/1728206
IP 176.9.77.232:0
ASN #24940 Hetzner Online GmbH
Hash be6c2f2fee8c732cdc492be456cbde53
87b385abb24accc79868ea4afb20f2928bcbcaf2
496600b0f1933a1b48f76997596ad94a33cb47f611ba76460b9c617b3130d32c
GET /1728206 HTTP/1.1
Host: acceptable.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.kfap.xyz/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
acceptable.a-ads.com/1728204
176.9.77.232200 OK 7.7 kB URL HTTP/2 acceptable.a-ads.com/1728204
IP 176.9.77.232:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6851)
Hash df190cd6cd787cd8f45fe169551719a2
8dc10bd6385cf89e2918644329ff86192d4c0c77
c137d5d59e0ab4353da38c491713120797ce8540d49647c54846ce9c99edff01
GET /1728204 HTTP/1.1
Host: acceptable.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.kfap.xyz/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS34sbVRS%2B08aXKoJVBF8kFgUVN52ZZDaJRYq1Vop1d%2B0PFh%2Fvr8leM5k73DuTyQaEakH6GMEH9WnyZbdbtYj9AwqSFaTsi5uXZR%2Fcf0Iooi8yu4HofTjnfPc7D9%2F5zvlynB0RFxk9XPtID1UU0fNBza2%2Bvq5ioXNbXblZ9dyae6G6ruLlxoXqoAym%2F7bnBjX3jeoHknf1ed%2F1XNdzveoVZWSoB%2BePWajkQdurtd1aw695QQMD839sMweWOhD9I3IWSsye2nj8EIpPEfd%2BvixtN9XJW%2B%2F3soim2qAvdm7F3VjnMXqLMjQOwnhn3g1tZ4R8cwo63plPAN3fKicAUzPiHHhg8c5cJlh%2F%2B0QpiyBjMPE08v4UMppC0Sm4vgMl9gnABVZWEffurWiT080TlpbsjFSe%2FAmVz0jljxcQ9366FKlB9YaOslTp2GIQFlCDKVRniiTbRTp0oPJd8PQLKEEQ9woocfiqz9qeH8rmUihEc6nRlq0lyny%2BxDwZBi7zAz8Qx9YoNYUKp4jkCNSeRmYdZMpBFjrIEgc9cVilQTt03WbIwnq91eCc1%2BucB61lEYh6oxW6yHipfYQ0GYFHI3BzG4n5%2FL6oN2Wd8caYoqu%2B2g%2FOwmS%2FwG4UsMKBTQn6okAuCXJLkFOCXBHkKUHeL7ZFZH1b3BORzZg3z%2F4814uJTjtjuq3TjozJODkiz5X2OS9OnkFXHlaZL71WU%2FBl2Viue00WBM1QClnqabXbyx6sKqDsKVDrYKhm5JXP%2FkaiZoQ8OgdGd2GjXXB1CjTzQPNJ03dBNyaNlothfL8b0qQ22BxC6AJJWkG66YyjI%2FLS8Qpf%2Fr0Byfcu%2FnbmnWRycAbcFEhMgU%2FVrwSd6O7kus7J1nWdW%2FJwNUlVTw1pud4bKU3l6R8%2BlJu5NuLqZTv6%2Fl1eEmX54Ka06TUaCxV3LPnxkhJCmivacEkeXbXrkq1lduNSZuIsubb23pWrvcRIa5WOp6Bqf%2FUvcDUjldeePz7cZ%2FffhDJTmKxAL9sj8weld8GT27DJQr3VBCZa9LCkgjwrJsZni89IEURygSkrYP%2BD2aIe27vomApoeuf4XPumQD8qQKMRbHZmkiZm7%2BLjb8v3HVhUmbDIVLZYZKKvZ%2BRc5ZMy3CrDxydOW3VYlUHohtL1JQvbLGxSV7TDRpvRtiebLKAeUjvjB%2F88%2BRcAAP%2F%2FAQAA%2F%2F%2FTtZfxnwQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS34sbVRS%2B08aXKoJVBF8kFgUVN52ZZDaJRYq1Vop1d%2B0PFh%2Fvr8leM5k73DuTyQaEakH6GMEH9WnyZbdbtYj9AwqSFaTsi5uXZR%2Fcf0Iooi8yu4HofTjnfPc7D9%2F5zvlynB0RFxk9XPtID1UU0fNBza2%2Bvq5ioXNbXblZ9dyae6G6ruLlxoXqoAym%2F7bnBjX3jeoHknf1ed%2F1XNdzveoVZWSoB%2BePWajkQdurtd1aw695QQMD839sMweWOhD9I3IWSsye2nj8EIpPEfd%2BvixtN9XJW%2B%2F3soim2qAvdm7F3VjnMXqLMjQOwnhn3g1tZ4R8cwo63plPAN3fKicAUzPiHHhg8c5cJlh%2F%2B0QpiyBjMPE08v4UMppC0Sm4vgMl9gnABVZWEffurWiT080TlpbsjFSe%2FAmVz0jljxcQ9366FKlB9YaOslTp2GIQFlCDKVRniiTbRTp0oPJd8PQLKEEQ9woocfiqz9qeH8rmUihEc6nRlq0lyny%2BxDwZBi7zAz8Qx9YoNYUKp4jkCNSeRmYdZMpBFjrIEgc9cVilQTt03WbIwnq91eCc1%2BucB61lEYh6oxW6yHipfYQ0GYFHI3BzG4n5%2FL6oN2Wd8caYoqu%2B2g%2FOwmS%2FwG4UsMKBTQn6okAuCXJLkFOCXBHkKUHeL7ZFZH1b3BORzZg3z%2F4814uJTjtjuq3TjozJODkiz5X2OS9OnkFXHlaZL71WU%2FBl2Viue00WBM1QClnqabXbyx6sKqDsKVDrYKhm5JXP%2FkaiZoQ8OgdGd2GjXXB1CjTzQPNJ03dBNyaNlothfL8b0qQ22BxC6AJJWkG66YyjI%2FLS8Qpf%2Fr0Byfcu%2FnbmnWRycAbcFEhMgU%2FVrwSd6O7kus7J1nWdW%2FJwNUlVTw1pud4bKU3l6R8%2BlJu5NuLqZTv6%2Fl1eEmX54Ka06TUaCxV3LPnxkhJCmivacEkeXbXrkq1lduNSZuIsubb23pWrvcRIa5WOp6Bqf%2FUvcDUjldeePz7cZ%2FffhDJTmKxAL9sj8weld8GT27DJQr3VBCZa9LCkgjwrJsZni89IEURygSkrYP%2BD2aIe27vomApoeuf4XPumQD8qQKMRbHZmkiZm7%2BLjb8v3HVhUmbDIVLZYZKKvZ%2BRc5ZMy3CrDxydOW3VYlUHohtL1JQvbLGxSV7TDRpvRtiebLKAeUjvjB%2F88%2BRcAAP%2F%2FAQAA%2F%2F%2FTtZfxnwQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RS34sbVRS%2B08aXKoJVBF8kFgUVN52ZZDaJRYq1Vop1d%2B0PFh%2Fvr8leM5k73DuTyQaEakH6GMEH9WnyZbdbtYj9AwqSFaTsi5uXZR%2Fcf0Iooi8yu4HofTjnfPc7D9%2F5zvlynB0RFxk9XPtID1UU0fNBza2%2Bvq5ioXNbXblZ9dyae6G6ruLlxoXqoAym%2F7bnBjX3jeoHknf1ed%2F1XNdzveoVZWSoB%2BePWajkQdurtd1aw695QQMD839sMweWOhD9I3IWSsye2nj8EIpPEfd%2BvixtN9XJW%2B%2F3soim2qAvdm7F3VjnMXqLMjQOwnhn3g1tZ4R8cwo63plPAN3fKicAUzPiHHhg8c5cJlh%2F%2B0QpiyBjMPE08v4UMppC0Sm4vgMl9gnABVZWEffurWiT080TlpbsjFSe%2FAmVz0jljxcQ9366FKlB9YaOslTp2GIQFlCDKVRniiTbRTp0oPJd8PQLKEEQ9woocfiqz9qeH8rmUihEc6nRlq0lyny%2BxDwZBi7zAz8Qx9YoNYUKp4jkCNSeRmYdZMpBFjrIEgc9cVilQTt03WbIwnq91eCc1%2BucB61lEYh6oxW6yHipfYQ0GYFHI3BzG4n5%2FL6oN2Wd8caYoqu%2B2g%2FOwmS%2FwG4UsMKBTQn6okAuCXJLkFOCXBHkKUHeL7ZFZH1b3BORzZg3z%2F4814uJTjtjuq3TjozJODkiz5X2OS9OnkFXHlaZL71WU%2FBl2Viue00WBM1QClnqabXbyx6sKqDsKVDrYKhm5JXP%2FkaiZoQ8OgdGd2GjXXB1CjTzQPNJ03dBNyaNlothfL8b0qQ22BxC6AJJWkG66YyjI%2FLS8Qpf%2Fr0Byfcu%2FnbmnWRycAbcFEhMgU%2FVrwSd6O7kus7J1nWdW%2FJwNUlVTw1pud4bKU3l6R8%2BlJu5NuLqZTv6%2Fl1eEmX54Ka06TUaCxV3LPnxkhJCmivacEkeXbXrkq1lduNSZuIsubb23pWrvcRIa5WOp6Bqf%2FUvcDUjldeePz7cZ%2FffhDJTmKxAL9sj8weld8GT27DJQr3VBCZa9LCkgjwrJsZni89IEURygSkrYP%2BD2aIe27vomApoeuf4XPumQD8qQKMRbHZmkiZm7%2BLjb8v3HVhUmbDIVLZYZKKvZ%2BRc5ZMy3CrDxydOW3VYlUHohtL1JQvbLGxSV7TDRpvRtiebLKAeUjvjB%2F88%2BRcAAP%2F%2FAQAA%2F%2F%2FTtZfxnwQAAA%3D%3D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Cookie: u_pl=18260748; uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bba2fc5a8105ebde977a078a01170737
Strict-Transport-Security: max-age=0; includeSubdomains
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 553
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/99/8c/bf/998cbfe02099f7b3e1be6ec647e0528f/1596466136.jpg
45.133.44.9200 OK 21 kB URL HTTP/2 cdn.cloudimagesb.com/bi/99/8c/bf/998cbfe02099f7b3e1be6ec647e0528f/1596466136.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 728x90, components 3\012- data
Hash dc47de4e75a80a4ef1e7f6a5a79aa4d7
245458733d72d1a9008f56346e525b1628cca2f6
40b6737afe8c5ab875fb216aff15c619918057058fe199fb8359773c7ab92801
GET /bi/99/8c/bf/998cbfe02099f7b3e1be6ec647e0528f/1596466136.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: image/jpeg
content-length: 20790
server: nginx/1.17.6
last-modified: Mon, 03 Aug 2020 14:48:59 GMT
etag: "5f2823db-5136"
expires: Wed, 01 Feb 2023 17:18:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
eu.static.mega.co.nz/4/lang/en_88408fa1a05c19e8c42b43be8333283d178bfb9d8e47fd0293817c84b2b404de.json
89.44.169.134200 OK 96 kB URL HTTP/2 eu.static.mega.co.nz/4/lang/en_88408fa1a05c19e8c42b43be8333283d178bfb9d8e47fd0293817c84b2b404de.json
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
File type JSON data\012- , ASCII text, with very long lines (725)
Hash a8fb8b1e5a681c6eba5340c6a479d4ed
75839561e5d7ba8008928b2acb1824542cbb1dab
4524c37470675e936dfd39dcc9f480bd9cb9ceb9c17937ceea873fb41a1b7b89
GET /4/lang/en_88408fa1a05c19e8c42b43be8333283d178bfb9d8e47fd0293817c84b2b404de.json HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: application/json
content-length: 96522
last-modified: Fri, 27 Jan 2023 03:40:11 GMT
vary: Accept-Encoding
etag: "63d3479b-1790a"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
eu.static.mega.co.nz/4/js/mega-19_cdf26e3dcdd8b094e4a3ec20fe489cf2f45fcb9c40ba4dc1bffe9739c4eb5ff7.js
89.44.169.134200 OK 144 kB URL HTTP/2 eu.static.mega.co.nz/4/js/mega-19_cdf26e3dcdd8b094e4a3ec20fe489cf2f45fcb9c40ba4dc1bffe9739c4eb5ff7.js
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
File type Algol 68 source text\012- Pascal source, ASCII text
Size 144 kB (144153 bytes)
Hash 1c485220a8f2b6fe564b438d43265b54
6c993974fac4a99ab9db757f4054b5f7a28a5056
9bc393a63604fea61bd66a86271fa94cc6240a7f9457c9174e6df6192f73d9cb
GET /4/js/mega-19_cdf26e3dcdd8b094e4a3ec20fe489cf2f45fcb9c40ba4dc1bffe9739c4eb5ff7.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: application/javascript
content-length: 144153
last-modified: Fri, 27 Jan 2023 03:40:14 GMT
vary: Accept-Encoding
etag: "63d3479e-23319"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/48/65/95/486595255d263d9b2e21d76f4a17789a/1663165344.gif
45.133.44.9200 OK 17 kB URL HTTP/2 cdn.cloudimagesb.com/cti/48/65/95/486595255d263d9b2e21d76f4a17789a/1663165344.gif
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 728 x 90\012- data
Hash 9827a684548028835e797ea6fefa1981
ed4fca3e5240078a7eab11a5d9c8bcfc00e6504d
b920715f48738062f796ef90f7b0dc7ce636f563d1319a3f6148dd6719922d09
GET /cti/48/65/95/486595255d263d9b2e21d76f4a17789a/1663165344.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: image/gif
content-length: 17303
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 14:22:32 GMT
etag: "6321e3a8-4397"
expires: Wed, 01 Feb 2023 17:18:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lfRvk58LjSK4kTYoKDidququ6W6DBGOMBGNmzB8Gl%2B9f9Ty7ul7xXlVXT4MQDUiWLbhQV9WnZzJRg5gPEJAeQcIgOL0ZZuF8A1dCEN1IdRpa3%2BLee965i3PPvZ%2BNs2PiIqNH6%2B%2FroYoiejaoudVXN1QsdG6rV29UPbfmnqtuqHi1ca46KIPpv%2BG5Qc19rfqu5F191nc91%2FVcr3pJGRnqwdk5C5Xcb3u1tltr%2BDUvaGBg%2Fott5sBSB6J%2FTE5Didn%2FNh89gOJTxL0fLkrbTXXy%2Bju9LKKpNuiL3ZtxN9Z5jN6yDI2DMN5ddEPbGSFfnoCOdxcTQPe3ywnA1Iw4hx5YvLuQCdbfeaKURZAxmPg%2F8v4UMppC0Sm4vg0lDgjABa6uIe7dvapNTreesLRkZ6Ty%2BA%2BofEYqvz2HuPf9hUgNqtd1lKVKxxaDsIAaTKE6UyTZHtKhA5XvgaefQgmCuFdAiaOXfdb2%2FFA2V0IhmiuNtmytUObzFebJMHCZH%2FiBmFuj1BQqnCKSI1B7Epl1kCkHWeggSxz0xFGVBu3QdZshC%2Bv1VoNzXq9zHrRWRSDqjVboIuOl9hHSZAQejcDNLSTmk3ui3pR1xhtjiq76%2FCA4DZP9CLtZwAoHNiXoiwK5JMgtQU4JckWQpwR5v9gRkfVtcVdENmPeIvuLXC8mOu2M6Y5OOzIm4%2BSYPFPa5zw%2FeQpdeVRlvvRaTcFXZWO17jVZEDRDKWSpp9Vur3qwqoCyJ0Ctg6GakZc%2B%2FguJmhHy8AwY3YON9sDVCdDMA80nTd8F3Zw0Wi6G8b1uSJPaYGsIoQskaQXpljOOjskL8xWeqXwAyffP%2F3zqzWRyeArcFEhMgY%2FUTwSd6M7kms7J9jWdW%2FJgLUlVTw1pud7rKU3lyW%2Ffk1u5NuLyRTv65i1eEmV5%2F4a06RUaCxV3LPnughJCmkvacEkeXrYbkq1ndvNCZuIsubL%2B9qXLvcRIa5WOp6DqYO1PcDUjlVeenR%2Fu07%2F8DmWmMFmBXrZPFg9K74Ent2CTpXqrCUy07GHJSeRZMTE%2BW35GiiCSS0xZAfsvzJb12N5Bx1RA09vzc%2B2bAv2oAI1GsNmpSZqY%2FfOPvirf12BRZcIiU9lmkYm%2BKK39sAw35ybPyIu%2FNmDVUVUGoRtK15csbLOwSV3RDhttRtuebLKAekjtjB%2F%2B%2FfgfAAAA%2F%2F8BAAD%2F%2F4i7RbKfBAAA
173.233.137.36200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lfRvk58LjSK4kTYoKDidququ6W6DBGOMBGNmzB8Gl%2B9f9Ty7ul7xXlVXT4MQDUiWLbhQV9WnZzJRg5gPEJAeQcIgOL0ZZuF8A1dCEN1IdRpa3%2BLee965i3PPvZ%2BNs2PiIqNH6%2B%2FroYoiejaoudVXN1QsdG6rV29UPbfmnqtuqHi1ca46KIPpv%2BG5Qc19rfqu5F191nc91%2FVcr3pJGRnqwdk5C5Xcb3u1tltr%2BDUvaGBg%2Fott5sBSB6J%2FTE5Didn%2FNh89gOJTxL0fLkrbTXXy%2Bju9LKKpNuiL3ZtxN9Z5jN6yDI2DMN5ddEPbGSFfnoCOdxcTQPe3ywnA1Iw4hx5YvLuQCdbfeaKURZAxmPg%2F8v4UMppC0Sm4vg0lDgjABa6uIe7dvapNTreesLRkZ6Ty%2BA%2BofEYqvz2HuPf9hUgNqtd1lKVKxxaDsIAaTKE6UyTZHtKhA5XvgaefQgmCuFdAiaOXfdb2%2FFA2V0IhmiuNtmytUObzFebJMHCZH%2FiBmFuj1BQqnCKSI1B7Epl1kCkHWeggSxz0xFGVBu3QdZshC%2Bv1VoNzXq9zHrRWRSDqjVboIuOl9hHSZAQejcDNLSTmk3ui3pR1xhtjiq76%2FCA4DZP9CLtZwAoHNiXoiwK5JMgtQU4JckWQpwR5v9gRkfVtcVdENmPeIvuLXC8mOu2M6Y5OOzIm4%2BSYPFPa5zw%2FeQpdeVRlvvRaTcFXZWO17jVZEDRDKWSpp9Vur3qwqoCyJ0Ctg6GakZc%2B%2FguJmhHy8AwY3YON9sDVCdDMA80nTd8F3Zw0Wi6G8b1uSJPaYGsIoQskaQXpljOOjskL8xWeqXwAyffP%2F3zqzWRyeArcFEhMgY%2FUTwSd6M7kms7J9jWdW%2FJgLUlVTw1pud7rKU3lyW%2Ffk1u5NuLyRTv65i1eEmV5%2F4a06RUaCxV3LPnughJCmkvacEkeXrYbkq1ndvNCZuIsubL%2B9qXLvcRIa5WOp6DqYO1PcDUjlVeenR%2Fu07%2F8DmWmMFmBXrZPFg9K74Ent2CTpXqrCUy07GHJSeRZMTE%2BW35GiiCSS0xZAfsvzJb12N5Bx1RA09vzc%2B2bAv2oAI1GsNmpSZqY%2FfOPvirf12BRZcIiU9lmkYm%2BKK39sAw35ybPyIu%2FNmDVUVUGoRtK15csbLOwSV3RDhttRtuebLKAekjtjB%2F%2B%2FfgfAAAA%2F%2F8BAAD%2F%2F4i7RbKfBAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lfRvk58LjSK4kTYoKDidququ6W6DBGOMBGNmzB8Gl%2B9f9Ty7ul7xXlVXT4MQDUiWLbhQV9WnZzJRg5gPEJAeQcIgOL0ZZuF8A1dCEN1IdRpa3%2BLee965i3PPvZ%2BNs2PiIqNH6%2B%2FroYoiejaoudVXN1QsdG6rV29UPbfmnqtuqHi1ca46KIPpv%2BG5Qc19rfqu5F191nc91%2FVcr3pJGRnqwdk5C5Xcb3u1tltr%2BDUvaGBg%2Fott5sBSB6J%2FTE5Didn%2FNh89gOJTxL0fLkrbTXXy%2Bju9LKKpNuiL3ZtxN9Z5jN6yDI2DMN5ddEPbGSFfnoCOdxcTQPe3ywnA1Iw4hx5YvLuQCdbfeaKURZAxmPg%2F8v4UMppC0Sm4vg0lDgjABa6uIe7dvapNTreesLRkZ6Ty%2BA%2BofEYqvz2HuPf9hUgNqtd1lKVKxxaDsIAaTKE6UyTZHtKhA5XvgaefQgmCuFdAiaOXfdb2%2FFA2V0IhmiuNtmytUObzFebJMHCZH%2FiBmFuj1BQqnCKSI1B7Epl1kCkHWeggSxz0xFGVBu3QdZshC%2Bv1VoNzXq9zHrRWRSDqjVboIuOl9hHSZAQejcDNLSTmk3ui3pR1xhtjiq76%2FCA4DZP9CLtZwAoHNiXoiwK5JMgtQU4JckWQpwR5v9gRkfVtcVdENmPeIvuLXC8mOu2M6Y5OOzIm4%2BSYPFPa5zw%2FeQpdeVRlvvRaTcFXZWO17jVZEDRDKWSpp9Vur3qwqoCyJ0Ctg6GakZc%2B%2FguJmhHy8AwY3YON9sDVCdDMA80nTd8F3Zw0Wi6G8b1uSJPaYGsIoQskaQXpljOOjskL8xWeqXwAyffP%2F3zqzWRyeArcFEhMgY%2FUTwSd6M7kms7J9jWdW%2FJgLUlVTw1pud7rKU3lyW%2Ffk1u5NuLyRTv65i1eEmV5%2F4a06RUaCxV3LPnughJCmkvacEkeXrYbkq1ndvNCZuIsubL%2B9qXLvcRIa5WOp6DqYO1PcDUjlVeenR%2Fu07%2F8DmWmMFmBXrZPFg9K74Ent2CTpXqrCUy07GHJSeRZMTE%2BW35GiiCSS0xZAfsvzJb12N5Bx1RA09vzc%2B2bAv2oAI1GsNmpSZqY%2FfOPvirf12BRZcIiU9lmkYm%2BKK39sAw35ybPyIu%2FNmDVUVUGoRtK15csbLOwSV3RDhttRtuebLKAekjtjB%2F%2B%2FfgfAAAA%2F%2F8BAAD%2F%2F4i7RbKfBAAA HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Cookie: u_pl=18260748; uid_id2=2b912fe7-fdd7-49e8-ab2c-b1ef50b2525d:3:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1504750aab4dff8f311a5e702b1b6787
Strict-Transport-Security: max-age=0; includeSubdomains
eu.static.mega.co.nz/4/js/mega-20_f054ae5617422de0a47890caa43eba9360ff4cefe4fd0190942773807a3f0fd9.js
89.44.169.134200 OK 96 kB URL HTTP/2 eu.static.mega.co.nz/4/js/mega-20_f054ae5617422de0a47890caa43eba9360ff4cefe4fd0190942773807a3f0fd9.js
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
Hash 7e7e0c70168732213a3bab3afd62a9fe
c2df4c3b8ff63a5f8735525941d7bc1c6fbaff5f
4ef4e0e0b38dfd15b5dfd412eb3c970d811d6939167ef54d85e4ca867a70a62d
GET /4/js/mega-20_f054ae5617422de0a47890caa43eba9360ff4cefe4fd0190942773807a3f0fd9.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: application/javascript
content-length: 96544
last-modified: Fri, 27 Jan 2023 03:40:14 GMT
vary: Accept-Encoding
etag: "63d3479e-17920"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9ca371a18b1afacc82e035f41dc2b86
8b4a87be43183e4f89e19ecac344915d60574950
8ac3da2f8ce052a3d27fee0dccc5712a55e917f9de8daff8db891d50249aba90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AC3DA2F8CE052A3D27FEE0DCCC5712A55E917F9DE8DAFF8DB891D50249ABA90"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4005
Expires: Mon, 30 Jan 2023 18:25:32 GMT
Date: Mon, 30 Jan 2023 17:18:47 GMT
Connection: keep-alive
acceptable.a-ads.com/1728204
176.9.77.232200 OK 5.7 kB URL HTTP/2 acceptable.a-ads.com/1728204
IP 176.9.77.232:0
ASN #24940 Hetzner Online GmbH
Hash 5d61350b4e6f2d75829f5d410deea53a
eb1b5e30f9ed480989f1a896d80b5ed4ded2a382
55e02765c06d93c8b777864d9eeaeaec69776c70f3c61fb3d56adbddcd65980a
GET /1728204 HTTP/1.1
Host: acceptable.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:46 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.kfap.xyz/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
eu.static.mega.co.nz/4/js/vendor/videostream_ddeb610d6af68fecb016bd85a9b0499f6a08daef8134e5fe00ea2fb1427ee4f9.js
89.44.169.134200 OK 64 kB URL HTTP/2 eu.static.mega.co.nz/4/js/vendor/videostream_ddeb610d6af68fecb016bd85a9b0499f6a08daef8134e5fe00ea2fb1427ee4f9.js
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
File type ASCII text, with very long lines (2567)
Hash e9b7fcf1f828a8836240db2b2c375c06
961d5e735be39fc05b8b5cf2e10dc52ff7db9940
e717e105536d49ade5935c6bfccbbcc04dd1d73a38a88b86183c0244aa4bc48c
GET /4/js/vendor/videostream_ddeb610d6af68fecb016bd85a9b0499f6a08daef8134e5fe00ea2fb1427ee4f9.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: application/javascript
content-length: 64404
last-modified: Fri, 27 Jan 2023 03:40:16 GMT
vary: Accept-Encoding
etag: "63d347a0-fb94"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
eu.static.mega.co.nz/4/html/embedplayer.html-postbuild_9656fe42099f0e5643e6c9893002fa2a307beefe302cc8f9bdfc70f0f51dd84e.html
89.44.169.134200 OK 1.4 kB URL HTTP/2 eu.static.mega.co.nz/4/html/embedplayer.html-postbuild_9656fe42099f0e5643e6c9893002fa2a307beefe302cc8f9bdfc70f0f51dd84e.html
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
File type ASCII text, with very long lines (5555), with no line terminators
Hash 9c1b964f9277187e6e82e89b35b98294
1d2928b06f441c23ad89eb0ffa6c0f8f73815e8d
0d6ea60ef1b5b4abbc84a5b02523fcee4c37a8d869e16c46376f04b6c8de9e6b
GET /4/html/embedplayer.html-postbuild_9656fe42099f0e5643e6c9893002fa2a307beefe302cc8f9bdfc70f0f51dd84e.html HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: text/html
content-length: 1444
last-modified: Fri, 27 Jan 2023 03:40:16 GMT
vary: Accept-Encoding
etag: "63d347a0-5a4"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c754739b42f49d4f916eeddf5e0ad0b
dbd00615dd46df6aebbf184c5a674500fca79409
8cc3bb1dc1272a7db571c09fcd67fce2b6cc1e1c23daaa725c40ba5b66b204d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c754739b42f49d4f916eeddf5e0ad0b
dbd00615dd46df6aebbf184c5a674500fca79409
8cc3bb1dc1272a7db571c09fcd67fce2b6cc1e1c23daaa725c40ba5b66b204d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d9e7028883da0be37fa509c335d6a12b
d54b7637e3e5181d65c831283d2caf40c76c6fff
7ddc3cd14856bcfb93af95eacd467348f00790bdd19e13a5da8d246141ece38f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DDC3CD14856BCFB93AF95EACD467348F00790BDD19E13A5DA8D246141ECE38F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5449
Expires: Mon, 30 Jan 2023 18:49:36 GMT
Date: Mon, 30 Jan 2023 17:18:47 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
192.243.61.225200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 17:18:47 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b91b8191b744c7549bb2987d6a3698c1
Strict-Transport-Security: max-age=0; includeSubdomains
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:12:36 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 419464368
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lJYksHTuyrx18_r3WZxX1b57ZE7SA1nlw3Z_l17c-xU_-pmjyw4nSyDDZf5S_iowxR821284c5XoWWykay123D4FQnfNhgtw5myVIRRfrDtUbRacxJk_CYq_92KyKuEscReg=w300-h250-p-k-no-nu
142.250.74.97200 OK 7.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lJYksHTuyrx18_r3WZxX1b57ZE7SA1nlw3Z_l17c-xU_-pmjyw4nSyDDZf5S_iowxR821284c5XoWWykay123D4FQnfNhgtw5myVIRRfrDtUbRacxJk_CYq_92KyKuEscReg=w300-h250-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash dea1d60a341ba287db0cd589be9aa946
58d5500bb6032c779fedd7b39d6a57a87add9bf9
2e08674ea9d563a20bd7ca8478f3b134b1e75a6af2d875a2354e3f5899066384
GET /blogger_img_proxy/AHs97-lJYksHTuyrx18_r3WZxX1b57ZE7SA1nlw3Z_l17c-xU_-pmjyw4nSyDDZf5S_iowxR821284c5XoWWykay123D4FQnfNhgtw5myVIRRfrDtUbRacxJk_CYq_92KyKuEscReg=w300-h250-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 31 Jan 2023 17:18:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 17:18:47 GMT
server: fife
content-length: 7372
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true
216.58.207.238200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP 216.58.207.238:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1639
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 30 Jan 2023 17:18:47 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+258; expires=Wed, 29-Jan-2025 17:18:47 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Jan 2023 17:18:47 GMT
X-Firefox-Spdy: h2
eu.static.mega.co.nz/4/css/embedplayer.css-postbuild_80e386f6dba016f8574d7eb733031371ac22981e210d53462742432f4e3f50c6.css
89.44.169.134200 OK 4.5 kB URL HTTP/2 eu.static.mega.co.nz/4/css/embedplayer.css-postbuild_80e386f6dba016f8574d7eb733031371ac22981e210d53462742432f4e3f50c6.css
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
File type ASCII text, with very long lines (307)
Hash eef728e2359f0dc86c99aa68ce4c9aa4
9d86524438b2459f98bcd12a450ace8dd7cc92b1
c9614bedecde8cf41b4c31a59842e05005d1b957810c3100cb52d26d63166019
GET /4/css/embedplayer.css-postbuild_80e386f6dba016f8574d7eb733031371ac22981e210d53462742432f4e3f50c6.css HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: text/css
content-length: 4508
last-modified: Fri, 27 Jan 2023 03:40:17 GMT
vary: Accept-Encoding
etag: "63d347a1-119c"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js
89.44.169.134200 OK 50 kB URL HTTP/2 eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
Hash c0d7e9d928fed66497b85e8d1a8e0c1f
12038d815ea222296b1ae87011d77fa75037575d
1603d6707ff1bfdbe04f9758668b585b71085159abc670891e96c081f28a96e9
GET /4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: application/javascript
content-length: 49762
last-modified: Fri, 27 Jan 2023 03:40:16 GMT
vary: Accept-Encoding
etag: "63d347a0-c262"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eu.static.mega.co.nz/4/fonts/lato-regular-ie.woff2?v=2aaea217993c48e0
89.44.169.134200 OK 143 kB URL HTTP/2 eu.static.mega.co.nz/4/fonts/lato-regular-ie.woff2?v=2aaea217993c48e0
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
File type Web Open Font Format (Version 2), TrueType, length 142744, version 1.0\012- data
Size 143 kB (142744 bytes)
Hash 274c711b53b40a82962083e466f522e6
6e12611d65211c547ced3ea1d544454f5ffcae99
ab73d700946a2bb3ab20198c4af443b85bd72da201b92cbcd3882d1b4228c136
GET /4/fonts/lato-regular-ie.woff2?v=2aaea217993c48e0 HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:47 GMT
content-type: font/woff2
content-length: 142744
last-modified: Fri, 27 Jan 2023 02:55:10 GMT
vary: Accept-Encoding
etag: "63d33d0e-22d98"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4736719&@f16&@g1&@h1&@i1&@j1675099140568&@k0&@l1&@m%5BActress%5D%20Song%20Min-kyung%20(%EC%86%A1%EB%AF%BC%EA%B2%BD)%20Sex%20Scene%20in%2010-Day%20Lover%20(2023)%2010%EC%9D%BC%EA%B0%84%EC%9D%98%20%EC%95%A0%EC%9D%B8&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40044814&@b3:1675099141&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&@w
54.39.128.117200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4736719&@f16&@g1&@h1&@i1&@j1675099140568&@k0&@l1&@m%5BActress%5D%20Song%20Min-kyung%20(%EC%86%A1%EB%AF%BC%EA%B2%BD)%20Sex%20Scene%20in%2010-Day%20Lover%20(2023)%2010%EC%9D%BC%EA%B0%84%EC%9D%98%20%EC%95%A0%EC%9D%B8&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40044814&@b3:1675099141&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&@w
IP 54.39.128.117:0
File type ASCII text, with no line terminators
Hash 71869228b51556d58137f77528bb8074
4cabf7746e0c74b5a3ffb74e42945fac49f2ce0f
e947ad0b53a7c29558b063d650b020c4375dbe8650809cab11af9638e85ff98e
GET /stats/0.php?4736719&@f16&@g1&@h1&@i1&@j1675099140568&@k0&@l1&@m%5BActress%5D%20Song%20Min-kyung%20(%EC%86%A1%EB%AF%BC%EA%B2%BD)%20Sex%20Scene%20in%2010-Day%20Lover%20(2023)%2010%EC%9D%BC%EA%B0%84%EC%9D%98%20%EC%95%A0%EC%9D%B8&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-40044814&@b3:1675099141&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.kfap.xyz%2F2023%2F01%2Factress-song-min-kyung-sex-scene-in-10.html%3Fm%3D1&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:48 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
blogger.googleusercontent.com/img/a/AVvXsEjbb7xQklUbLyzrtpQOmF0VfCzoGV9SuZVAsH-W2gnC-NHIXmA1_NFD4vqnlrnWjtARJ_fIAZs1Fd6D7QwnoP3kdmriSPybPR_bdFjQUx4QDees7V6aLzpcRfBho6IvXb9PV4KHNtoZeCa7Xi-AJ_HGgAE3krTT_hb7Z0cNkZJM5Equ9iCpZkgdr0DEWw=s150
142.250.74.97200 OK 2.9 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjbb7xQklUbLyzrtpQOmF0VfCzoGV9SuZVAsH-W2gnC-NHIXmA1_NFD4vqnlrnWjtARJ_fIAZs1Fd6D7QwnoP3kdmriSPybPR_bdFjQUx4QDees7V6aLzpcRfBho6IvXb9PV4KHNtoZeCa7Xi-AJ_HGgAE3krTT_hb7Z0cNkZJM5Equ9iCpZkgdr0DEWw=s150
IP 142.250.74.97:0
File type PNG image data, 150 x 57, 8-bit colormap, non-interlaced\012- data
Hash 07a776bc395aaaa5432c64787e064f73
1912b43d2a51c7f9cc87765e1587c60ed1b03ca1
dcee6e274de025c2f56074bd9b420b317214da61bc7b38ce1c04e5666874cf1d
GET /img/a/AVvXsEjbb7xQklUbLyzrtpQOmF0VfCzoGV9SuZVAsH-W2gnC-NHIXmA1_NFD4vqnlrnWjtARJ_fIAZs1Fd6D7QwnoP3kdmriSPybPR_bdFjQUx4QDees7V6aLzpcRfBho6IvXb9PV4KHNtoZeCa7Xi-AJ_HGgAE3krTT_hb7Z0cNkZJM5Equ9iCpZkgdr0DEWw=s150 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2c48"
expires: Tue, 31 Jan 2023 17:18:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bitcoin-accepted.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 17:18:48 GMT
server: fife
content-length: 2892
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 24b6633a37d53cfcfd496ab70fe4ee4a
0e63d4527e92b35415ba0a74ecdc5971922ab243
d1e59e0579aab1bdfc99b034dbfcf113e0789261815cbc317d8a70eb8c5fb133
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 09:42:57 GMT
Expires: Fri, 03 Feb 2023 09:42:56 GMT
Etag: "0e63d4527e92b35415ba0a74ecdc5971922ab243"
Cache-Control: max-age=317647,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bde724d39b523-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 24b6633a37d53cfcfd496ab70fe4ee4a
0e63d4527e92b35415ba0a74ecdc5971922ab243
d1e59e0579aab1bdfc99b034dbfcf113e0789261815cbc317d8a70eb8c5fb133
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 09:42:57 GMT
Expires: Fri, 03 Feb 2023 09:42:56 GMT
Etag: "0e63d4527e92b35415ba0a74ecdc5971922ab243"
Cache-Control: max-age=317647,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bde725c300b31-OSL
g.api.mega.co.nz/cs?id=0&domain=meganz&v=2&lang=en
66.203.125.15200 OK 99 B URL HTTP/1.1 g.api.mega.co.nz/cs?id=0&domain=meganz&v=2&lang=en
IP 66.203.125.15:0
ASN #203055 Datacenter Luxembourg S.A.
File type JSON data\012- , ASCII text, with no line terminators
Hash bc892e74ae5958bdbfea3d8e3907d4a9
004bfbc5bb2a62c6d6b3a189117f1976337d3cf4
da11cd8889dbfeba91b478135f2f43d3d6be1f9f11e64f414d2cdf67d19248b4
POST /cs?id=0&domain=meganz&v=2&lang=en HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 13
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 99
Content-Length: 99
Connection: keep-alive
g.api.mega.co.nz/cs?id=0&domain=meganz&v=2&lang=en
66.203.125.15200 OK 244 B URL HTTP/1.1 g.api.mega.co.nz/cs?id=0&domain=meganz&v=2&lang=en
IP 66.203.125.15:0
ASN #203055 Datacenter Luxembourg S.A.
File type JSON data\012- , ASCII text, with no line terminators
Hash b1683f6a27ea5e52cb44836d11d976d9
cba197738616e96662182d0728bb121253df4ea7
17f1ca2c6d50403e721ddcaa478d37607ffcae6a88396d1a083b53727ba33579
POST /cs?id=0&domain=meganz&v=2&lang=en HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 26
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 244
Content-Length: 244
Connection: keep-alive
eu.static.mega.co.nz/4/imagery/mega-embed-sprite.902b897b1ac00ca0.png
89.44.169.134200 OK 2.8 kB URL HTTP/2 eu.static.mega.co.nz/4/imagery/mega-embed-sprite.902b897b1ac00ca0.png
IP 89.44.169.134:0
ASN #203055 Datacenter Luxembourg S.A.
File type PNG image data, 144 x 360, 8-bit colormap, non-interlaced\012- data
Hash 6f323efbcf8776b1bc057c905f9103b3
586b1a4e23c7c689d36eb5d92395d5a94e7f125f
2e900f1a0971b51b43c28603af05d291f07332e9bcdc01d38e5840fcd187bf51
GET /4/imagery/mega-embed-sprite.902b897b1ac00ca0.png HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:48 GMT
content-type: image/png
content-length: 2799
last-modified: Fri, 27 Jan 2023 02:55:10 GMT
etag: "63d33d0e-aef"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
g.api.mega.co.nz/cs?id=-2228649835&&domain=meganz&v=2&lang=en
66.203.125.15200 OK 11 kB URL HTTP/1.1 g.api.mega.co.nz/cs?id=-2228649835&&domain=meganz&v=2&lang=en
IP 66.203.125.15:0
ASN #203055 Datacenter Luxembourg S.A.
File type JSON data\012- , ASCII text, with very long lines (26433), with no line terminators
Hash a802b27fc6c65189a2123793c90285e5
40508d037692f59d01535e0429bca07efa5383eb
ce8f2d768e724fac37e4bfc1d914df78524953fde34ba0720c4823aa1699946b
POST /cs?id=-2228649835&&domain=meganz&v=2&lang=en HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 34
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 26433
Content-Encoding: gzip
Content-Length: 10610
Connection: keep-alive
g.api.mega.co.nz/cs?id=-2228649834&&domain=meganz&v=2&lang=en
66.203.125.15200 OK 125 B URL HTTP/1.1 g.api.mega.co.nz/cs?id=-2228649834&&domain=meganz&v=2&lang=en
IP 66.203.125.15:0
ASN #203055 Datacenter Luxembourg S.A.
File type JSON data\012- , ASCII text, with no line terminators
Hash a2911830e28709f625cdbbc4083bae58
2b2d888d32858843bb930015b3d4561937413108
7166ef03922196b4720d0fb3e87ed14af6057106178720755ae6cd1263695945
POST /cs?id=-2228649834&&domain=meganz&v=2&lang=en HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 126
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 125
Content-Length: 125
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2148977c5f0f432006112dd5e5e80bf9
4a7d6ed557bc86c790f8000eb3b2422b2e5f9d32
d8eff5302abf40c12c5cce4b1c5d13b6c74e6e63b4baf0168100bab3772bb4b1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 01:16:20 GMT
Expires: Mon, 06 Feb 2023 01:16:19 GMT
Etag: "4a7d6ed557bc86c790f8000eb3b2422b2e5f9d32"
Cache-Control: max-age=546449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791bde770c73b523-OSL
gfs302n203.userstorage.mega.co.nz/.3MNMr64-YhIspgeqcrBa1qioylPbXQT0e5L0J475F3UIktQItY4tme53ILPGAPeBgB44hQ/1
162.208.16.103200 OK 28 kB URL HTTP/1.1 gfs302n203.userstorage.mega.co.nz/.3MNMr64-YhIspgeqcrBa1qioylPbXQT0e5L0J475F3UIktQItY4tme53ILPGAPeBgB44hQ/1
IP 162.208.16.103:0
Hash a3ee73af10769ab3106644563491cd17
27b34f02a8f165b3ae0feff982b964fef1ba70ef
c951e6c9067cbbce0ceeaa12e993b13344d146f9be6339ccc5d2bc1c74ec766f
POST /.3MNMr64-YhIspgeqcrBa1qioylPbXQT0e5L0J475F3UIktQItY4tme53ILPGAPeBgB44hQ/1 HTTP/1.1
Host: gfs302n203.userstorage.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Length: 8
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
a.realsrv.com/ad-provider.js
185.76.9.17200 OK 0 B URL HTTP/2 a.realsrv.com/ad-provider.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: application/javascript
etag: W/"c86623937323852b5fe82a29fcb"
expires: Tue, 24 Jan 2023 13:18:38 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675106435
server: CDN77-Turbo
x-77-nzt: AblMCQ3YQ6n/oQ0AAA
x-77-nzt-ray: c0a4cc285442200ef4fbd763eae98d1b
x-cache: HIT
x-age: 3489
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.kfap.xyz/js/cookienotice.js
188.114.96.1200 OK 0 B URL HTTP/2 www.kfap.xyz/js/cookienotice.js
IP 188.114.96.1:0
GET /js/cookienotice.js HTTP/1.1
Host: www.kfap.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kfap.xyz/2023/01/actress-song-min-kyung-sex-scene-in-10.html?m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: text/javascript
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
expires: Sun, 05 Feb 2023 18:32:02 GMT
cache-control: public, max-age=604800
last-modified: Sun, 29 Jan 2023 16:51:51 GMT
x-content-type-options: nosniff
x-xss-protection: 0
cf-cache-status: HIT
age: 82002
server: cloudflare
cf-ray: 791bde578fbeb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.kfap.xyz/2023/01/actress-song-min-kyung-sex-scene-in-10.html?m=1
188.114.96.1200 OK 0 B URL HTTP/2 www.kfap.xyz/2023/01/actress-song-min-kyung-sex-scene-in-10.html?m=1
IP 188.114.96.1:0
GET /2023/01/actress-song-min-kyung-sex-scene-in-10.html?m=1 HTTP/1.1
Host: www.kfap.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:44 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 30 Jan 2023 17:18:44 GMT
cache-control: private, max-age=0
last-modified: Mon, 30 Jan 2023 12:12:20 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSIcbDk0fp9e2ozQNcrxlBA7qC48zIXn3HDAB13PY%2FGrJq9SXIhnTnY%2BaDZUekAWPbDWzrEZ2nQq6B8enDuu4wLTrX8bwF2dIgfn3CLxtRi7CCXet2E8C69FdJMcnzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bde52ffebb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2