r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 33c3dea45eaabae3557235f002dda989
38a1903e09bff723af30fe5080f79646247b9254
b00022c599d7a74bd264b90a1ca9f935eb8a7bc6e63a9751dddc8acfbafe58da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B00022C599D7A74BD264B90A1CA9F935EB8A7BC6E63A9751DDDC8ACFBAFE58DA"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4537
Expires: Wed, 02 Nov 2022 09:10:46 GMT
Date: Wed, 02 Nov 2022 07:55:09 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 8d024a7496f85cabcc9adc118bd9fbec
a1146d4bf5c3e21619777259206bec6cad36e7ea
247b9761f543b4d13fabf86390a1580f92b2b271e1801d99b11bbb1980eefe84
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3622
Cache-Control: max-age=95774
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:09 GMT
Etag: "6360e755-1d7"
Expires: Thu, 03 Nov 2022 10:31:23 GMT
Last-Modified: Tue, 01 Nov 2022 09:31:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43ea74d83493710eb8b64a74046ff569
74dee6d9e8b796d34f2788a472b90b3f7fc79ecd
f62eff2ad4d64d785a48e2761d7f2bda9171f1e60b0e9dc525d8f589f9ef7c60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F62EFF2AD4D64D785A48E2761D7F2BDA9171F1E60B0E9DC525D8F589F9EF7C60"
Last-Modified: Tue, 01 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7676
Expires: Wed, 02 Nov 2022 10:03:06 GMT
Date: Wed, 02 Nov 2022 07:55:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pXnJo03hPWr8sEGVAnZvRj2b4YgJe+deBUbjaOUJz01iWv5KlbiLYHXt5GDDjxyHpyh2OwjpUPqTs/+z5o91iQ==
x-amz-request-id: CM5C02BQWVKQK14Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 02 Nov 2022 07:45:47 GMT
age: 563
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 07:55:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f9303161ce04577a7bcd56ce42831a56
690bf1468d25898db3ab46e03639946854ab25f0
40c380dba92d637574e7699ae184a089c090bab6f7215dc0178dadd8b23da43c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4715
Cache-Control: max-age=91811
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:10 GMT
Etag: "6360d396-1d7"
Expires: Thu, 03 Nov 2022 09:25:21 GMT
Last-Modified: Tue, 01 Nov 2022 08:06:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
200 OK 17 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
IP
File type ASCII text, with very long lines (65317)
Hash be9aeb2a05f665e3606faf11c09b542f
5644d0bd4e12fdfb7235166d2883fc7acd0a2c5b
13ace8ab3d9e2cbaf3fe1768b9ba1fc5313a5541607b4c07121c0abbb7fadfae
GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 07:55:10 GMT
content-type: text/css; charset=utf-8
content-length: 17041
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "623a082a-4291"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3042871
expires: Mon, 23 Oct 2023 07:55:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eefGZC02BrH2LohAGVV%2Ffa1OTEHxiswxVevWy6vzm8TdxfHf%2FkFIbq9i%2FRG3s2jsBrTK5vsjfcZAzOWeW4pKQhZHk6FCVBA%2FOk17AcyfIC%2B7zI1SGX2EW9gH%2B4nrMg6Duwz%2B6tTf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 763b4e7048c7b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f8b41695b3160ebe051aaf286ac84aa5
448791eaf531971bdeb0e669237ec514b918e454
d0203800f320806d62827e737cee8ef3bfd845e326d1bd1c94513cbbe7a72bb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6497
Cache-Control: max-age=136051
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:10 GMT
Etag: "63617970-117"
Expires: Thu, 03 Nov 2022 21:42:41 GMT
Last-Modified: Tue, 01 Nov 2022 19:54:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
grup-whatsapp-bocil-viral.duckdns.org/
200 OK 12 kB URL HTTP/1.1 grup-whatsapp-bocil-viral.duckdns.org/
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7e879505c221cf06c86f0a450b719e6a
b7777c4db35143870c04633322a6e892fe0b8894
472333deed2eadeb4480bf410172b1da30a928866037f1ab80181261bd19bb35
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish WhatsApp
GET / HTTP/1.1
Host: grup-whatsapp-bocil-viral.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 07:55:10 GMT
Server: Apache
Last-Modified: Sun, 22 May 2022 13:51:00 GMT
Accept-Ranges: bytes
Content-Length: 12104
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
cdn.jsdelivr.net/gh/renzichwan/api@main/jquery.3.6.2.js
200 OK 31 kB URL HTTP/2 cdn.jsdelivr.net/gh/renzichwan/api@main/jquery.3.6.2.js
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash c4c63c2d5101051139b77a3b52840d6e
77fd61e445745466ec24c1d9b0579d82dc6b4e01
8fa8dba2fa398f781a9aeef74c4ee46fdf988ef28fb7d9ad041b1f93a225a384
GET /gh/renzichwan/api@main/jquery.3.6.2.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"15d97-AlQJGYAgwhluq6bPpl0pMHMOEjQ"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 02 Nov 2022 07:55:10 GMT
age: 3172
x-served-by: cache-fra-eddf8230119-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31077
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 15b7a0fe6f8a0cc26e57134a034b5cef
1676f6a011dfc48b890825e747ac05b45f77e85e
d6077b8b328be49e1fe639822a366f7015a8d74c2b9bf9e2052dc17202884859
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 07:55:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B789BF16911C2E9F18D1E77063030F7AC93CF98A"
Expires: Wed, 02 Nov 2022 18:00:00 GMT
Last-Modified: Wed, 02 Nov 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3327
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 763b4e70ac2db4f4-OSL
upload.wikimedia.org/wikipedia/commons/thumb/5/51/Facebook_f_logo_%282019%29.svg/800px-Facebook_f_logo_%282019%29.svg.png
200 OK 24 kB URL HTTP/2 upload.wikimedia.org/wikipedia/commons/thumb/5/51/Facebook_f_logo_%282019%29.svg/800px-Facebook_f_logo_%282019%29.svg.png
IP
File type PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a8da4e0b6343e6dae0aea0c3cc174d3
f9ea8212770629caaf1577f89aa180a352dd9793
306864af741ccb4110c95cadb4addf4df49f98366d740f2325f28e0bb6da4e08
GET /wikipedia/commons/thumb/5/51/Facebook_f_logo_%282019%29.svg/800px-Facebook_f_logo_%282019%29.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 06:11:20 GMT
etag: 5a8da4e0b6343e6dae0aea0c3cc174d3
server: ATS/9.1.3
content-type: image/png
content-length: 24097
content-disposition: inline;filename*=UTF-8''Facebook_f_logo_%282019%29.svg.png
last-modified: Tue, 22 Mar 2022 23:57:05 GMT
age: 6230
x-cache: cp3051 hit, cp3053 hit/10
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3053"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
grup-whatsapp-bocil-viral.duckdns.org/css/style.css
200 OK 10 kB URL HTTP/1.1 grup-whatsapp-bocil-viral.duckdns.org/css/style.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 149efe36b39021d0e9702284899b7fe1
cece49d694a592a2e46712af3b85abf7f95a26c8
4f75765c7da5f953125e28d9f186e8f4c009a3b9a88f8621b27dd46631df2303
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish WhatsApp
GET /css/style.css HTTP/1.1
Host: grup-whatsapp-bocil-viral.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 07:55:10 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 13:34:22 GMT
Accept-Ranges: bytes
Content-Length: 10146
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
upload.wikimedia.org/wikipedia/commons/thumb/1/19/WhatsApp_logo-color-vertical.svg/2048px-WhatsApp_logo-color-vertical.svg.png
200 OK 104 kB URL HTTP/2 upload.wikimedia.org/wikipedia/commons/thumb/1/19/WhatsApp_logo-color-vertical.svg/2048px-WhatsApp_logo-color-vertical.svg.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 104 kB (104140 bytes)
Hash 61971d0db20da2430ca02d3d67b11a7f
4516f35b573d149322ed0f9247d116a0abf6ac3e
0cf8bfac20e9f50684d332411da6f63aaa24bc78464b43209717209976c74bb5
GET /wikipedia/commons/thumb/1/19/WhatsApp_logo-color-vertical.svg/2048px-WhatsApp_logo-color-vertical.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 01 Nov 2022 16:41:35 GMT
etag: 61971d0db20da2430ca02d3d67b11a7f
server: ATS/9.1.3
content-type: image/webp
content-length: 104140
content-disposition: inline;filename*=UTF-8''WhatsApp_logo-color-vertical.svg.webp
last-modified: Sun, 31 Oct 2021 05:50:59 GMT
age: 54815
x-cache: cp3051 hit, cp3053 hit/914
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3053"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
upload.wikimedia.org/wikipedia/sco/thumb/9/9f/Twitter_bird_logo_2012.svg/1200px-Twitter_bird_logo_2012.svg.png
200 OK 43 kB URL HTTP/2 upload.wikimedia.org/wikipedia/sco/thumb/9/9f/Twitter_bird_logo_2012.svg/1200px-Twitter_bird_logo_2012.svg.png
IP
File type PNG image data, 1200 x 970, 8-bit/color RGBA, non-interlaced\012- data
Hash d73b11e5a426bc930f4f94b803dd8de0
e25e7732f76dbbfcff0001ccd481b1b052319352
5f7dcd0740eb7d2a35002b10fb66e16d39b0b8ca4679e7a05021e92c8642b7e7
GET /wikipedia/sco/thumb/9/9f/Twitter_bird_logo_2012.svg/1200px-Twitter_bird_logo_2012.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 01 Nov 2022 16:29:31 GMT
content-type: image/png
content-length: 42852
x-object-meta-sha1base36: qfxds8826pli3fxmpcyhyzbsttqb042
content-disposition: inline;filename*=UTF-8''Twitter_bird_logo_2012.svg.png
last-modified: Tue, 22 Dec 2015 21:18:58 GMT
etag: d73b11e5a426bc930f4f94b803dd8de0
server: ATS/9.1.3
age: 55539
x-cache: cp3051 hit, cp3053 hit/3
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3053"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.pixabay.com/photo/2015/11/02/14/01/google-1018443_960_720.png
200 OK 22 kB URL HTTP/2 cdn.pixabay.com/photo/2015/11/02/14/01/google-1018443_960_720.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9b032d4f1ad57a2eff7e07b7eec2f18d
100a84ead76d190201699f33f566630c7fb8d757
6fef11ccaacbc79e25729e7f4654a5b6fe4bcd0cd0023ef712e85c423dcf4c5d
GET /photo/2015/11/02/14/01/google-1018443_960_720.png HTTP/1.1
Host: cdn.pixabay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 07:55:11 GMT
content-type: image/webp
content-length: 22144
cf-ray: 763b4e707cdfb4fa-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
content-disposition: inline; filename="google-1018443_960_720.webp"
etag: "6ed55c5edcff5f841450195e6a708180"
expires: Thu, 02 Nov 2023 07:55:11 GMT
last-modified: Tue, 26 Feb 2019 19:55:00 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=45021
x-amz-id-2: vtXvdX6NTECBAn0rfvakVB3fAnmBj8pMtZHSQVUwT3HrhUcWwr1IxsZLjoLAe+EVBVLJB/rr87A=
x-amz-replication-status: COMPLETED
x-amz-request-id: 9ECS3KB6BBEH7QAZ
x-amz-version-id: Hkxqya6_eGb2yKt2jzSRKeryTh72KPuN
set-cookie: __cf_bm=j7JlHfjfwrLIf3kd42V9ehg44KuGXI49st6mKw7pFg0-1667375711-0-ASHDbe/dztAqn2TZQZ5LiPQNxBmie2gzz4mcJOWTetrbxgRTDNAvk2JgKuhKQuZZx8NZynS+wBmg3pxWaRzKPpI=; path=/; expires=Wed, 02-Nov-22 08:25:11 GMT; domain=.pixabay.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upload.wikimedia.org/wikipedia/commons/thumb/e/e7/Instagram_logo_2016.svg/768px-Instagram_logo_2016.svg.png
200 OK 91 kB URL HTTP/2 upload.wikimedia.org/wikipedia/commons/thumb/e/e7/Instagram_logo_2016.svg/768px-Instagram_logo_2016.svg.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1a25ed80db0f526d913551145951de04
be712c7e446b701a819e9f4de3341e576e8e7d79
baca5bd90863cdb00c0200e424db9b8ec7fa7bc4e993fe427979bd21e0536e0c
GET /wikipedia/commons/thumb/e/e7/Instagram_logo_2016.svg/768px-Instagram_logo_2016.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 01 Nov 2022 13:31:26 GMT
content-type: image/webp
content-length: 91230
content-disposition: inline;filename*=UTF-8''Instagram_logo_2016.svg.webp
last-modified: Sun, 10 Oct 2021 04:10:05 GMT
etag: 1a25ed80db0f526d913551145951de04
server: ATS/9.1.3
age: 66225
x-cache: cp3057 hit, cp3053 hit/116
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3053"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
upload.wikimedia.org/wikipedia/commons/thumb/c/c9/Linkedin.svg/1200px-Linkedin.svg.png
200 OK 46 kB URL HTTP/2 upload.wikimedia.org/wikipedia/commons/thumb/c/c9/Linkedin.svg/1200px-Linkedin.svg.png
IP
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Hash 15fd5adb3c750e71a0e6ba69caaabe5f
a4f3e8c0e2352370a345831f9506eec1ea676844
fad38a419d5174d319a1f981208346b04651d8fc67f72ef8a780bd23fa2b4709
GET /wikipedia/commons/thumb/c/c9/Linkedin.svg/1200px-Linkedin.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 01 Nov 2022 14:53:10 GMT
content-type: image/png
content-length: 46381
last-modified: Sun, 03 Nov 2013 22:03:20 GMT
etag: 15fd5adb3c750e71a0e6ba69caaabe5f
server: ATS/9.1.3
age: 61320
x-cache: cp3053 hit, cp3053 hit/16
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3053"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
upload.wikimedia.org/wikipedia/commons/thumb/4/4f/YouTube_social_white_squircle.svg/480px-YouTube_social_white_squircle.svg.png
200 OK 7.2 kB URL HTTP/2 upload.wikimedia.org/wikipedia/commons/thumb/4/4f/YouTube_social_white_squircle.svg/480px-YouTube_social_white_squircle.svg.png
IP
File type PNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced\012- data
Hash 910a959e6cf7a28095f3ba5c626420a7
100d2ecfa6d96f55262260c653fb5eb9f88ebfd3
eddca1ddabc05c124de7e547b8f3343afd65b17c5a5e992d79f017b5d0bdbce2
GET /wikipedia/commons/thumb/4/4f/YouTube_social_white_squircle.svg/480px-YouTube_social_white_squircle.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 02 Nov 2022 07:04:27 GMT
content-type: image/png
content-length: 7165
content-disposition: inline;filename*=UTF-8''YouTube_social_white_squircle.svg.png
last-modified: Thu, 26 May 2022 10:39:03 GMT
etag: 2c0fc3bab300a3c5e2663cdc82c35fc5
server: ATS/9.1.3
age: 3044
x-cache: cp3053 hit, cp3053 miss
x-cache-status: hit-local
server-timing: cache;desc="hit-local", host;desc="cp3053"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f8b41695b3160ebe051aaf286ac84aa5
448791eaf531971bdeb0e669237ec514b918e454
d0203800f320806d62827e737cee8ef3bfd845e326d1bd1c94513cbbe7a72bb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6498
Cache-Control: max-age=136051
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:11 GMT
Etag: "63617970-117"
Expires: Thu, 03 Nov 2022 21:42:42 GMT
Last-Modified: Tue, 01 Nov 2022 19:54:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OHmmavsQnFZTr5mDTSdqrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dGh1VHN9W8RLOy+OhJE/3E7Pkd8=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7ade42d6945d5a2b1e7a64b0743fdd38
91acb9f45177f50b1d0e43d5e4ceb062dd18d735
149be9211dcb1690f257c86a36dce8735e71b524ec366758303ba2a59a6c9b53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "149BE9211DCB1690F257C86A36DCE8735E71B524EC366758303BA2A59A6C9B53"
Last-Modified: Tue, 01 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19398
Expires: Wed, 02 Nov 2022 13:18:29 GMT
Date: Wed, 02 Nov 2022 07:55:11 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8fcb8c8bfc18b00470f0bc43683c9709
a322f84088d14cb7de1e104171fc998a591291b6
4084b5ccaf95ff4f5da421cb5b101d20f4f2f87959698a5d1cc19d4e2afe7016
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8fcb8c8bfc18b00470f0bc43683c9709
a322f84088d14cb7de1e104171fc998a591291b6
4084b5ccaf95ff4f5da421cb5b101d20f4f2f87959698a5d1cc19d4e2afe7016
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2
200 OK 154 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 154228, version 769.768\012- data
Size 154 kB (154228 bytes)
Hash 55b416a8df21f9f987aa352f10d1343b
2717f3f58271f2f2e6120d9937c7227002656d34
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
GET /ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grup-whatsapp-bocil-viral.duckdns.org
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 07:55:11 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 154228
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "623a082a-25a74"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 539639
expires: Mon, 23 Oct 2023 07:55:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRj6B7Htw5NsfVJkDLSlFZkdwJNi%2Bggm2O2ehPjgzc%2BdcqRPb8KGp5%2FxgTOXWr5kiBmbF6bh%2FY5pxUlcNFbOW7OSSz3G11TMaK6j7Asxk5IwgglPoC8vu5EtTRrkmw2Dqb7%2FSgOU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 763b4e731bfdb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
h.top4top.io/p_2307bd3oz1.jpg
200 OK 42 kB URL HTTP/2 h.top4top.io/p_2307bd3oz1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x640, components 3\012- data
Hash 2a8b4f4e2c4de7112fbf85e6df634dae
eb1ab332e37fd5a4ea87c8ad51d3e4054d006e5f
0c51f04e0ef8ade8a572393c811f0b6593be8860d88359346610ca95109e3ab2
GET /p_2307bd3oz1.jpg HTTP/1.1
Host: h.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 02 Nov 2022 07:55:11 GMT
content-type: image/jpeg
content-length: 41509
set-cookie: klj_40d147_downloads=rgvpj; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Thu, 03 Nov 2022 07:31:51 GMT
last-modified: Tue, 26 Apr 2022 04:33:40 GMT
content-disposition: inline; filename="arra.jpg"
etag: "62677624-a225"
expires: Wed, 02 Nov 2022 09:55:11 GMT
cache-control: max-age=7200
x-file-id: x46137223x
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b4037f614b6784bb6b750dd410c6e43
20a140462d827888c8e7922861f641e7a66551bf
5a1b87f9143203a881ac4482cb6d6a013468a99c575f5268ad2122ae8a2bd455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grup-whatsapp-bocil-viral.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 19:34:08 GMT
expires: Thu, 26 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 562863
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b4037f614b6784bb6b750dd410c6e43
20a140462d827888c8e7922861f641e7a66551bf
5a1b87f9143203a881ac4482cb6d6a013468a99c575f5268ad2122ae8a2bd455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
grup-whatsapp-bocil-viral.duckdns.org/img/fb.png
200 OK 29 kB URL HTTP/1.1 grup-whatsapp-bocil-viral.duckdns.org/img/fb.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish WhatsApp
GET /img/fb.png HTTP/1.1
Host: grup-whatsapp-bocil-viral.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 07:55:11 GMT
Server: Apache
Last-Modified: Sun, 12 Dec 2021 19:09:22 GMT
Accept-Ranges: bytes
Content-Length: 28789
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
grup-whatsapp-bocil-viral.duckdns.org/img/loading.gif
200 OK 155 kB URL HTTP/1.1 grup-whatsapp-bocil-viral.duckdns.org/img/loading.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 103 x 103\012- data
Size 155 kB (155276 bytes)
Hash bf204ea2c9d336f7d644a27efe625599
0a1e872fcf09aa9ade5d3f1f6fa2fdfc1a87a808
d81224d38d403865a2186193664073bb7cbfa7be0352e0eecbb774259b5b9e1e
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish WhatsApp
GET /img/loading.gif HTTP/1.1
Host: grup-whatsapp-bocil-viral.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2022 07:55:11 GMT
Server: Apache
Last-Modified: Mon, 02 May 2022 19:58:58 GMT
Accept-Ranges: bytes
Content-Length: 155276
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c18aead96956fc8de41d067a99071c73
29b784835d23ec09a11f91dda1f3ac9f9550c129
106617c550459147e0e38e15d84305ed944cbc259b78291ad0c9fc01083c182d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12335
Expires: Wed, 02 Nov 2022 11:20:47 GMT
Date: Wed, 02 Nov 2022 07:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c18aead96956fc8de41d067a99071c73
29b784835d23ec09a11f91dda1f3ac9f9550c129
106617c550459147e0e38e15d84305ed944cbc259b78291ad0c9fc01083c182d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12335
Expires: Wed, 02 Nov 2022 11:20:47 GMT
Date: Wed, 02 Nov 2022 07:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c18aead96956fc8de41d067a99071c73
29b784835d23ec09a11f91dda1f3ac9f9550c129
106617c550459147e0e38e15d84305ed944cbc259b78291ad0c9fc01083c182d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "106617C550459147E0E38E15D84305ED944CBC259B78291AD0C9FC01083C182D"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12335
Expires: Wed, 02 Nov 2022 11:20:47 GMT
Date: Wed, 02 Nov 2022 07:55:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48bbdd9c-6fd8-4186-9826-5b75daa3f949.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48bbdd9c-6fd8-4186-9826-5b75daa3f949.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e6d78844aa60ad0bd62fc70779a63e8
80dbe6518bd99eb7cab1ba0ff9b5c53d0cc85949
ac1ee1c30bee586a5edd9605a514548e1e91e6ef39c55cc866cf026b8ed3df82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48bbdd9c-6fd8-4186-9826-5b75daa3f949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10496
x-amzn-requestid: 4b3864a5-5e0b-42f3-83b3-c997f66eeb55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8OG_H3oIAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63619092-6e450a0c6393d47f4d72ce35;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:33:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RdQLfkVz-UeNJrjj1v9AhoN4y_UGJWCMDxBs_Aol54c5-mf-cZoaZw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 22:24:57 GMT
age: 34215
etag: "80dbe6518bd99eb7cab1ba0ff9b5c53d0cc85949"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabfa0ff8-fada-4af4-ab5f-529906656572.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabfa0ff8-fada-4af4-ab5f-529906656572.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab331970f5e4f7f2e0ff0c042095ec4e
2b72b9df83cc12db944f6d079d91d6362be036d0
35dd7f4cc581389be9e90be3e7a8663831eeeb89c261cb3eb3fcc66cb9e56f24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabfa0ff8-fada-4af4-ab5f-529906656572.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7026
x-amzn-requestid: f5a992f1-beb7-463c-8125-e0f74009f272
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8N75GyioAMFsEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6361904b-648797425d1d3d485d17d773;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:31:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ct2UyXUhCL58M5_X1nCM5LhPGWDxuZgav0SiSsm99PUF_ergMz34tw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 21:40:58 GMT
age: 36854
etag: "2b72b9df83cc12db944f6d079d91d6362be036d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec2e029c-fc0b-49fc-86fd-a0353e4bf400.png
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec2e029c-fc0b-49fc-86fd-a0353e4bf400.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d889392defc575d85e26321730c2722
28177e0094cb108a96751ba23830134e1d4b8e15
758b77490f2f67d8d4297e0060b0a310be6f03dcda4808969147e1610879e836
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec2e029c-fc0b-49fc-86fd-a0353e4bf400.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12840
x-amzn-requestid: c6424625-a000-41be-8043-4ac408d25086
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8OHAG5QIAMFodA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63619093-2d8d7616088723ab392f74ff;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:33:07 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _nhbB7wn_tje5pEJa66ub53DJMk6pvkjSfpKsruWEuzYPDoUlm_icg==
via: 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 21:52:39 GMT
age: 36153
etag: "28177e0094cb108a96751ba23830134e1d4b8e15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f483454-b074-4576-b487-76a14ccb2059.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f483454-b074-4576-b487-76a14ccb2059.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd006407a4ea0fbeec2f1351a71f30bc
d1625420cdc79643e759247b0e9ac89dadfbe956
fd461665ee463fad26300630684a11e3c520485e3b001c2f08439d50589ddbb7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f483454-b074-4576-b487-76a14ccb2059.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10527
x-amzn-requestid: 1b709c25-8424-49d8-bc0e-dac3fbc154ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apNEzH5ZoAMFWdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359f551-3fb0703f27b571cf7f85e59e;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 03:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9A2gds6rdrlTJCrN3m05Yl3azoOYGCEaCd2OBH8qq21wHR8WgqI3CA==
via: 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 23:26:00 GMT
age: 30552
etag: "d1625420cdc79643e759247b0e9ac89dadfbe956"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9067498d-78d2-435d-8b10-b820a3dc52b0.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9067498d-78d2-435d-8b10-b820a3dc52b0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78eb5f70ef685ec40e7f78e9b0e26408
151f176fd21052c6a8b65968c5748ed8c5c2a485
bf18c4acfa204ee2c82d2e4eee3b76af1cab7d60a44d054e218858f70e2c946d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9067498d-78d2-435d-8b10-b820a3dc52b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4650
x-amzn-requestid: d6cee216-c0a8-48a5-8eca-06a4eb7febb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8N73HVmoAMFirg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6361904b-659b7849648061d74ca480b4;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DECgzc73K3qmrEWVyHJO04AxOMxiocK0o_NNVSj5DOb5cqOyfvutRw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 21:37:51 GMT
age: 37041
etag: "151f176fd21052c6a8b65968c5748ed8c5c2a485"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcefd3b48-7651-47c6-8c8a-f0d12040243f.png
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcefd3b48-7651-47c6-8c8a-f0d12040243f.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c066b3df15894334ba1bc13fef786b8b
344528dcc12698a50f00d3254392156c05c7432c
deb552e74505bb37d84cd7f71373d7d6580348d35013050da79f0b351f762884
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcefd3b48-7651-47c6-8c8a-f0d12040243f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12991
x-amzn-requestid: 340e135e-a5d8-4ff6-9e5d-dc984bded5b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8N8yExnoAMFmqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63619051-3c8d00423953a668286cabdc;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 21:32:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aBwdj71SWu875x4vZwB7J8v7eQAkRWzPbjZ9ZQA7iXqLjD2xOozGOQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 01 Nov 2022 21:37:51 GMT
age: 37041
etag: "344528dcc12698a50f00d3254392156c05c7432c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
200 OK 600 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 726600d2d379551fe70d460d97a96368
423b798e57dc401f5f31d8316ff52b812291bce7
d6995e9e6a36bc5595ede4778a98dbc4169a179478993d163d5a787189309e9e
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 02 Nov 2022 07:43:40 GMT
last-modified: Wed, 02 Nov 2022 04:17:50 GMT
expires: Wed, 09 Nov 2022 04:17:49 GMT
etag: "423b798e57dc401f5f31d8316ff52b812291bce7"
cache-control: max-age=603042,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: scdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 763b3d954b50cf09-SJC
accept-ranges: bytes
ali-swift-global-savetime: 1667375020
via: cache13.l2ot7-1[0,0,200-0,H], cache2.l2ot7-1[1,0], cache3.se1[634,634,200-0,M], cache5.se1[636,0], cache5.se1[638,0]
age: 692
x-cache: MISS TCP_REFRESH_MISS dirn:2:331299639
x-swift-savetime: Wed, 02 Nov 2022 07:55:12 GMT
x-swift-cachetime: 1108
timing-allow-origin: *, *
eagleid: 2ff62c9916673757120773199e, 2ff62c9916673757120773199e
ocsp.trust-provider.cn/
200 OK 600 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 726600d2d379551fe70d460d97a96368
423b798e57dc401f5f31d8316ff52b812291bce7
d6995e9e6a36bc5595ede4778a98dbc4169a179478993d163d5a787189309e9e
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 02 Nov 2022 07:43:40 GMT
last-modified: Wed, 02 Nov 2022 04:17:50 GMT
expires: Wed, 09 Nov 2022 04:17:49 GMT
etag: "423b798e57dc401f5f31d8316ff52b812291bce7"
cache-control: max-age=603042,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: scdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 763b3d954b50cf09-SJC
accept-ranges: bytes
ali-swift-global-savetime: 1667375020
via: cache13.l2ot7-1[0,0,200-0,H], cache13.l2ot7-1[0,0], cache5.se1[687,687,200-0,M], cache5.se1[689,0], cache5.se1[690,0]
age: 692
x-cache: MISS TCP_REFRESH_MISS dirn:11:390132015
x-swift-savetime: Wed, 02 Nov 2022 07:55:12 GMT
x-swift-cachetime: 1108
timing-allow-origin: *, *
eagleid: 2ff62c9916673757120773200e, 2ff62c9916673757120773200e
ocsp.digicert.com/
200 OK 471 B IP
Hash 854ad18b161a2f5c986989d41f840aa5
f0a0c70b4d89524133d42be0a3a7a887a4a46727
8f0fffe0487688f5918e1d740662761c5c88761129363a5270cfe43d9ace3206
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1930
Cache-Control: max-age=117118
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:12 GMT
Etag: "63614154-1d7"
Expires: Thu, 03 Nov 2022 16:27:10 GMT
Last-Modified: Tue, 01 Nov 2022 15:55:00 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
z-p3-static.xx.fbcdn.net/rsrc.php/yz/r/lOol7j-zq4u.svg
200 OK 1.1 kB URL HTTP/2 z-p3-static.xx.fbcdn.net/rsrc.php/yz/r/lOol7j-zq4u.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2647)
Hash bd0880df88ba23dce1b8de68332938a5
8be9792babd149d9a4bedb0562845f90c853022d
512f22d9e403f73d98088432549f970e937655bcddf73ac64c5ff4ebe1ef6b8b
GET /rsrc.php/yz/r/lOol7j-zq4u.svg HTTP/1.1
Host: z-p3-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: image/svg+xml
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 27 Oct 2023 22:04:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: vQiA34i6I9zhuN5oMyk4pQ==
x-fb-debug: cndolCcu91cuNxE7BL0YGfgw95AqVIFcLshXSoTVXOni2hfc69noJpLQC0NYKCrAONQsN+Qx04To6ssareDIPQ==
content-length: 1145
date: Wed, 02 Nov 2022 07:55:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
200 OK 55 B URL HTTP/2 na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JSON data\012- , ASCII text, with no line terminators
Hash 282321d0e634380516dc9b071d902b0e
946b6642e5920c21249381cdff0539a340076401
8558e2e54a70e405fcf4291549fbdcfdd9e045cf6fc45b06247dc92a45127ac3
GET /swoole/?actid=2020&r=index/getCountry&_only_service_response_=1 HTTP/1.1
Host: na.apps.amsoveasea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://grup-whatsapp-bocil-viral.duckdns.org
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 02 Nov 2022 07:55:12 GMT
content-type: text/html
content-length: 55
server: nginx
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 854ad18b161a2f5c986989d41f840aa5
f0a0c70b4d89524133d42be0a3a7a887a4a46727
8f0fffe0487688f5918e1d740662761c5c88761129363a5270cfe43d9ace3206
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1931
Cache-Control: max-age=117118
Content-Type: application/ocsp-response
Date: Wed, 02 Nov 2022 07:55:13 GMT
Etag: "63614154-1d7"
Expires: Thu, 03 Nov 2022 16:27:11 GMT
Last-Modified: Tue, 01 Nov 2022 15:55:00 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css2?family=Roboto&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto&display=swap
IP
GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grup-whatsapp-bocil-viral.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 02 Nov 2022 07:55:11 GMT
date: Wed, 02 Nov 2022 07:55:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
20.196.64.109
104.17.25.14
91.198.174.208
129.226.2.89
23.36.76.226
151.101.85.229
51.159.67.135
93.184.220.29