r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9194
Expires: Thu, 23 Mar 2023 21:04:18 GMT
Date: Thu, 23 Mar 2023 18:31:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8516
Expires: Thu, 23 Mar 2023 20:53:00 GMT
Date: Thu, 23 Mar 2023 18:31:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9829
Expires: Thu, 23 Mar 2023 21:14:53 GMT
Date: Thu, 23 Mar 2023 18:31:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 18:15:07 GMT
content-type: application/json
age: 957
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lu6ZVEj9nlRR2IZfJ5N2jFCm4cII6j5j0WFGPvMA3mu0yy0a4pc/dJ5cyrf7Ui3ympFv9T6CkTW2JcAHMkkq6w==
x-amz-request-id: RZT4KNT4AY4VCP8C
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 17:54:08 GMT
age: 2216
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
web-hanabi188.linkapp77.com/?apk
188.114.96.1301 Moved Permanently 240 B URL HTTP/1.1 web-hanabi188.linkapp77.com/?apk
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b37dc8fe9715976ac633f73784b27c71
259096f4ae4e0549451bbec409ff4c4d2d1d439a
033a57eeab4112946b90a5e147e4ea65f36e3df10e6de3022bbae327df6fdbf6
GET /?apk HTTP/1.1
Host: web-hanabi188.linkapp77.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 18:31:04 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hanabi188.nsp2d.com/?apk
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3sGzO%2FmR28QEJKpOeS%2BWg0dd9wLtq9XB1FMEVxUgPlXwrCEIxLFYOepo911aIGvwRoHGTeI0TQnbFASCJWmGuqVr%2FUV%2FW28Ma38hg7jViDkLPHz8B58vCIFh2R5CXaEwsyxUk1saSCV8E%2Fyu%2FY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac8bfcc6f03b4f7-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 18:31:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 18:14:33 GMT
age: 992
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3504
Expires: Thu, 23 Mar 2023 19:29:29 GMT
Date: Thu, 23 Mar 2023 18:31:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hanabi188.nsp2d.com/images/bgline3.png
104.18.25.123200 OK 1.9 kB URL HTTP/2 hanabi188.nsp2d.com/images/bgline3.png
IP 104.18.25.123:0
File type PNG image data, 404 x 6, 8-bit/color RGB, non-interlaced\012- data
Hash fc2d6d1d131103536a23e1803d544492
102d30b596dc540b745dc674b4ec93e653d711f0
e3d43535fe73310c232dd1c48bf12050c1c4609c7741f6dace0342858f8b96bd
GET /images/bgline3.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 1880
last-modified: Sat, 11 Mar 2023 03:50:52 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1fcb31c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/psr-qtr.png
104.18.25.123200 OK 4.5 kB URL HTTP/2 hanabi188.nsp2d.com/images/psr-qtr.png
IP 104.18.25.123:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 94b7c4d77007d1d2874c8dfeeea13ba3
758e6d6396b4cc34483e97c4e2fd89819ef51501
3c6d1ffbbbf8bbed2ca10803e6715b5ff1885aa984e50e648ca1a73961dea64a
GET /images/psr-qtr.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 4525
last-modified: Sat, 11 Mar 2023 03:45:34 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd20ce61c12-OSL
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hanabi188.nsp2d.com
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1679596265.dop213.sk1.t,1679596265.cds214.sk1.hn,1679596265.cds210.sk1.c
X-Firefox-Spdy: h2
img.pay4d.info/logo_providernewn.png
104.19.137.75200 OK 33 kB URL HTTP/2 img.pay4d.info/logo_providernewn.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d26d0196a8571cd42100409055330adc
28d30daf6e17e93e832109eb24f23e627d3d4272
855f6c1f70790f06b1197e726a6bb3ae83cc7f835d100398da871f01f849ff1d
GET /logo_providernewn.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 32702
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=85268
content-disposition: inline; filename="logo_providernewn.webp"
last-modified: Wed, 15 Mar 2023 10:20:39 GMT
vary: Accept
cf-cache-status: HIT
age: 5586
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d1ab503-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/psr-sgm.png
104.18.25.123200 OK 4.0 kB URL HTTP/2 hanabi188.nsp2d.com/images/psr-sgm.png
IP 104.18.25.123:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash cd9f27acbfec801c2a25d3eed9b26afb
15cd0aa4a84c542e464fea3dac123b1ed454a5b4
fc3df3c085d10b80b808cdd900cbb5ec2f8581232bb9df2e63ac518a41a3b9c4
GET /images/psr-sgm.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 3966
last-modified: Tue, 21 Mar 2023 06:38:13 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd20cdf1c12-OSL
X-Firefox-Spdy: h2
img.pay4d.info/footern.png
104.19.137.75200 OK 10 kB URL HTTP/2 img.pay4d.info/footern.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c874f595389f01e778067dff5bc5d1f0
c5f3cb0b0a03bb0cc41cea7d1bc24b630eaab4bf
84097f8df21211e36d200017ce5dbb571569bbd5d21d7dfb1067d0b75567b17f
GET /footern.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 10240
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11983
content-disposition: inline; filename="footern.webp"
last-modified: Fri, 04 Nov 2022 13:47:10 GMT
vary: Accept
cf-cache-status: HIT
age: 5587
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d1bb503-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/psr-hk.png
104.18.25.123200 OK 5.8 kB URL HTTP/2 hanabi188.nsp2d.com/images/psr-hk.png
IP 104.18.25.123:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b33466f1596c700cabc4b5aa0fdeddc
96ca4f0aca9bc2e4d28d9e8ee94868b1413e5199
80eaeccf24ccdf4a13dc2a1c1b0780681678cee4c40e3d13bb55e9f16e8240d9
GET /images/psr-hk.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 5800
last-modified: Sat, 11 Mar 2023 03:45:29 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd20ce81c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/psr-syd.png
104.18.25.123200 OK 8.4 kB URL HTTP/2 hanabi188.nsp2d.com/images/psr-syd.png
IP 104.18.25.123:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 800604d968f4fdb72ac93a188918275d
be4dc446ba5b728b6d906fe2f3b811fdaa2e377f
ad48f6be01b64f903c38c4b4ea9913d88527fcdd6053144f4627663eb9918770
GET /images/psr-syd.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 8399
last-modified: Sat, 11 Mar 2023 03:45:29 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd20ce01c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/upload-Promo-20230315191549.jpg
104.18.25.123200 OK 91 kB URL HTTP/2 hanabi188.nsp2d.com/images/upload-Promo-20230315191549.jpg
IP 104.18.25.123:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:03:15 18:06:53], progressive, precision 8, 900x180, components 3\012- data
Hash 71c059eb85a029a531b7cac5eaa252b0
4c504201497c5973b75288e798d6b8afe7426f5e
da6772bd2173be11515f594579e2a8025c04bce02182513eca90edec2f9f3392
GET /images/upload-Promo-20230315191549.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 91158
last-modified: Wed, 15 Mar 2023 12:15:49 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1fcd31c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/psr-mc.png
104.18.25.123200 OK 9.8 kB URL HTTP/2 hanabi188.nsp2d.com/images/psr-mc.png
IP 104.18.25.123:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash d093550c7bd08bcb99652e7bb88977b1
5c0c0eded056026a9f41220bd6c1a5505a01bc47
330039c52b34aea1e536891e1deb20c8f93f64381e5dce35b4b20c8374845584
GET /images/psr-mc.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 9814
last-modified: Sat, 11 Mar 2023 03:45:30 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd20ce41c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/bgline.png
104.18.25.123200 OK 1.9 kB URL HTTP/2 hanabi188.nsp2d.com/images/bgline.png
IP 104.18.25.123:0
File type PNG image data, 576 x 4, 8-bit/color RGB, non-interlaced\012- data
Hash 070dbf77d99e3062917d8f5823c3df31
1ea13509639fad95f9bc402100209973fd22213c
56fcd059a93977699a7088d58d611e90a3037e757a8b9735b195c72d080f7a89
GET /images/bgline.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 1874
last-modified: Sat, 11 Mar 2023 03:50:51 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd22d1c1c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/upload-Promo-20230315191609.jpg
104.18.25.123200 OK 70 kB URL HTTP/2 hanabi188.nsp2d.com/images/upload-Promo-20230315191609.jpg
IP 104.18.25.123:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:03:15 18:08:47], progressive, precision 8, 900x180, components 3\012- data
Hash d5773a05e176078337bd0d60a3c4a35d
d02fbb5da0ea9e612a78b149b3998967c365c2f5
e76788b8c560972ef88cbc836d1e220385a8f8d5eb42f7480a7b9e66b45f643a
GET /images/upload-Promo-20230315191609.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 69679
last-modified: Wed, 15 Mar 2023 12:16:09 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1fcd41c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/logoweb.png
104.18.25.123200 OK 58 kB URL HTTP/2 hanabi188.nsp2d.com/images/logoweb.png
IP 104.18.25.123:0
File type PNG image data, 450 x 131, 8-bit/color RGBA, non-interlaced\012- data
Hash 0334e7c0059cb62c42a8029a5acc05ec
ec4c9e625e4d7bdb35e293f55d1a190c6c8f9ffc
9116474dd63f89db899dafb886327f934bc8a9eb43537ef78b2dc166e429b887
GET /images/logoweb.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 57507
last-modified: Sat, 11 Mar 2023 06:13:56 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd22d111c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/upload-Promo-20230315191449.jpg
104.18.25.123200 OK 90 kB URL HTTP/2 hanabi188.nsp2d.com/images/upload-Promo-20230315191449.jpg
IP 104.18.25.123:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:03:15 16:50:43], progressive, precision 8, 900x180, components 3\012- data
Hash e8bd52fb351c85d8c132f389fb3c1985
2aadf23d28b734a906a3e2e2f3f410fa8ae8e272
9d2113702910c0da948cc1ae0ba9567727db8fce65c0d7679420595937148792
GET /images/upload-Promo-20230315191449.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 89644
last-modified: Wed, 15 Mar 2023 12:14:49 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1fccf1c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/psr-ml.png
104.18.25.123200 OK 4.9 kB URL HTTP/2 hanabi188.nsp2d.com/images/psr-ml.png
IP 104.18.25.123:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 454f08364c0db1f09432aa24d7b7c531
0f768d3ed56a3a021ba99fdf03897f230e7afbb8
d65c174a12b842e01c052d4a152402457f44e843636a0b18af8cbd8094ad1129
GET /images/psr-ml.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 4858
last-modified: Sat, 11 Mar 2023 03:45:42 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd20ce31c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/upload-Promo-20230315191336.jpg
104.18.25.123200 OK 89 kB URL HTTP/2 hanabi188.nsp2d.com/images/upload-Promo-20230315191336.jpg
IP 104.18.25.123:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:03:15 16:46:26], progressive, precision 8, 900x180, components 3\012- data
Hash 08a01030562877f649c19761e8a3cb26
ffb49994867473a285a80fcf9abd4ffc8ba5bc3d
10be08c6c9a84213c1db9953a0c25bd582c4f16fb12f1d607c8b467df46e79f0
GET /images/upload-Promo-20230315191336.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 89184
last-modified: Wed, 15 Mar 2023 12:13:36 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1fccd1c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/bgline2.png
104.18.25.123200 OK 1.9 kB URL HTTP/2 hanabi188.nsp2d.com/images/bgline2.png
IP 104.18.25.123:0
File type PNG image data, 1228 x 6, 8-bit/color RGB, non-interlaced\012- data
Hash 09f94b46a16aeb7059fd8af8c88cfedb
3a2de6ba2f29de535f0805458f3d91476487e9d1
a6fd5dfcacda3353d8da51be3bfc62770e1d3d480d32ce76bb05bc212d0a5603
GET /images/bgline2.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 1896
last-modified: Sat, 11 Mar 2023 03:50:51 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd23d291c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/kontak.png
104.18.25.123200 OK 5.0 kB URL HTTP/2 hanabi188.nsp2d.com/images/kontak.png
IP 104.18.25.123:0
File type PNG image data, 69 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash cc9ff1f22490e2cca070a57979aea150
c41c924a335152f8e6b07543ff4384e750e114f5
d13562a3a1a8c4e5dedebdc1924ce73f2944c82937d3f247d087caa16cb565f7
GET /images/kontak.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 4995
last-modified: Sat, 11 Mar 2023 03:50:53 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd23d2c1c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/bg.jpg
104.18.25.123200 OK 32 kB URL HTTP/2 hanabi188.nsp2d.com/images/bg.jpg
IP 104.18.25.123:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1901x488, components 3\012- data
Hash 32a20255458264ea8b7b82184d76e14e
ab79a840e2f2326277a674a37cf606375a9f72f9
e11ab782436f8a70ff8699d3f51afc07af49f0bad657041df634419f357c0caf
GET /images/bg.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 32355
last-modified: Sat, 11 Mar 2023 03:50:50 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd23d2b1c12-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hanabi188.nsp2d.com/images/psr-sg.png
104.18.25.123200 OK 5.8 kB URL HTTP/2 hanabi188.nsp2d.com/images/psr-sg.png
IP 104.18.25.123:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 62f2ba4b9e6571ffa4aaff9df88a1363
062d797e0b0e5d72fe4c67326da651e98120d997
eb3dba84673c3872ef5b868fd31ad9eff4138e566609cfd9fea427d218bb1413
GET /images/psr-sg.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 5752
last-modified: Sat, 11 Mar 2023 03:45:23 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd20ce21c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/upload-Promo-20230315191526.jpg
104.18.25.123200 OK 90 kB URL HTTP/2 hanabi188.nsp2d.com/images/upload-Promo-20230315191526.jpg
IP 104.18.25.123:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:03:15 18:05:03], progressive, precision 8, 900x180, components 3\012- data
Hash c24aabf75203f96c33574cfe9d593144
eaf6da6d48e9840283192a0fbf7722b3c2a2aa31
ec9efa59aff4b83d58175db6c29bbc4cde7fa11e73bd2daa89760b598115deb9
GET /images/upload-Promo-20230315191526.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 89496
last-modified: Wed, 15 Mar 2023 12:15:26 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1fcd21c12-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
res.cloudinary.com/dvlff34qz/raw/upload/v1662715130/messagebox_vwnuna.js
104.19.166.65200 OK 5.7 kB URL HTTP/2 res.cloudinary.com/dvlff34qz/raw/upload/v1662715130/messagebox_vwnuna.js
IP 104.19.166.65:0
File type ASCII text, with very long lines (19826), with no line terminators
Hash f255873c4456c9af825d837ec56fb6ff
f727ac906b211ee3d6542efadb14a3439b44a230
843f9284560c8f52597bc1cecde4a9b84fe4f0c958d484280481b798d61ca463
GET /dvlff34qz/raw/upload/v1662715130/messagebox_vwnuna.js HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: text/javascript
content-length: 5694
cf-ray: 7ac8bfd33894b500-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
content-encoding: gzip
etag: W/"ff3646acb703a4755521a96df6dc0ac5"
last-modified: Fri, 09 Sep 2022 09:18:51 GMT
strict-transport-security: max-age=604800
vary: Accept-Encoding
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
server-timing: cld-cloudflare;dur=180;start=2023-03-23T18:31:05.480Z;desc=miss,rtt;dur=2;cloudinary;dur=35;start=2023-03-23T18:31:05.568Z
timing-allow-origin: *
server: cloudflare
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/js/jquery.marquee.min.js
104.18.25.123200 OK 2.9 kB URL HTTP/2 hanabi188.nsp2d.com/js/jquery.marquee.min.js
IP 104.18.25.123:0
Hash f5edb7508d1c8728d48ccea021a32e7d
fafdfcc879f3c2dc819b8f78c0f8848c87611778
00797bad383bbfaee808444bff3a44075db96de99c4ddb420739709bc27af61a
GET /js/jquery.marquee.min.js HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: application/javascript
last-modified: Sat, 11 Mar 2023 03:46:02 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd23d301c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.84.241.69101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.84.241.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JsHZ5IRFQbaHuPOP6lPj6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AoFkKgcO+DEDV30wGE413gQgqUU=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.pay4d.info/picrightsport-b.jpg
104.19.137.75200 OK 12 kB URL HTTP/2 img.pay4d.info/picrightsport-b.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b384a638dc5c10281228cd681469b5db
bf8625ff8f2a683d21cd384f671ce379b9a7c76d
0dc4e717442c9585c855bc2dcaa9d621be9fee18d541f724f0af33b3e57137ff
GET /picrightsport-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 11588
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13092
content-disposition: inline; filename="picrightsport-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d27b503-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hanabi188.nsp2d.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
age: 87954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img.pay4d.info/live-ion.png
104.19.137.75200 OK 2.4 kB URL HTTP/2 img.pay4d.info/live-ion.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1a48e4a72414e5587b22eb4ac4ae959b
a3ac92a04917abab71a98503dcfff52be3af7cdb
e48ccb777ed57ca1eee701da53a8fa2d85b64639d0b8210e3160678e1753b144
GET /live-ion.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 2434
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="live-ion.webp"
last-modified: Fri, 26 Jun 2020 07:51:41 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d02b503-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/capimg.php?4877
104.18.25.123200 OK 11 kB URL HTTP/2 hanabi188.nsp2d.com/capimg.php?4877
IP 104.18.25.123:0
File type PNG image data, 40 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash d2763594fe78eb771acbbe24cd7704fe
50eb41a6c09fdeea121a156ce0ce4569a3c7baba
737b945e61357dd5ad161a1a823af110ae5b41a6a617a15ddd900b816b2ccc63
GET /capimg.php?4877 HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ac8bfd22d121c12-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picleft.jpg
104.19.137.75200 OK 22 kB URL HTTP/2 img.pay4d.info/picleft.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b1bdc85cc48c85f6033c7ddca833b0c
df9589d7051fba1a5c2fd15b81b11f72f24caee0
7e599adfbea9fa50b6139eae70f7ee2214c9a0fd14a718f1d07bfd4b955ae63d
GET /picleft.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 22128
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=26042
content-disposition: inline; filename="picleft.webp"
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d22b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/informasi.png
104.19.137.75200 OK 496 B URL HTTP/2 img.pay4d.info/informasi.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 55734ca433dd15622f992f24a3750a77
625812100e07a5b85b1dca90d622c0deafa3410d
0b31e72e9209648652af2a9e36541fb4ca4015cdbca7f29ae1993824d379c395
GET /informasi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 496
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2507
content-disposition: inline; filename="informasi.webp"
last-modified: Sat, 30 Jan 2021 10:28:59 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d16b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-alien-hunter.png
104.19.137.75200 OK 2.9 kB URL HTTP/2 img.pay4d.info/fish-alien-hunter.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 44ed1c2cb6486482db8d337636bd9494
7d7f1961857c405b2d72078ee512626a79ce2504
165db214f71fc24501cec62e40869ad284f2ef1fddae90933b570a605608b2a3
GET /fish-alien-hunter.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 2884
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9071
content-disposition: inline; filename="fish-alien-hunter.webp"
last-modified: Wed, 07 Jul 2021 11:05:14 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d13b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/sport-saba.png
104.19.137.75200 OK 1.8 kB URL HTTP/2 img.pay4d.info/sport-saba.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dc335c8ab6468b47a49e492aa97af52
e8982a717f2557a1242a1dfd4511ceec6b47cd70
277b290785f86422c338396b72410c9dfb7f0672b608e6808f41365b3579f26f
GET /sport-saba.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 1770
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5247
content-disposition: inline; filename="sport-saba.webp"
last-modified: Mon, 19 Dec 2022 07:31:08 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d0bb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-sbo.png
104.19.137.75200 OK 1.3 kB URL HTTP/2 img.pay4d.info/live-sbo.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d82d79c98d9d30be3526d638e7eb2189
3c1054d400925292bc9c0bdca6f9d6b4b8cc7d50
1f379fc8801fe0287a907763ef57ebcf097aef6dd3773500df5f938aed097dc9
GET /live-sbo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 1316
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2322
content-disposition: inline; filename="live-sbo.webp"
last-modified: Tue, 14 Mar 2023 10:02:25 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d0ab503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picrightsport.jpg
104.19.137.75200 OK 20 kB URL HTTP/2 img.pay4d.info/picrightsport.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d1f34718eb29953cdea660adc61f1ecd
4856b1c3779c7dcf70c23b5efd1dc29d70698efa
5a8d9b477da241d730a8f786ed294e4b5e5c868363130072dec8164399c5e743
GET /picrightsport.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 20504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=46462
content-disposition: inline; filename="picrightsport.webp"
last-modified: Mon, 19 Dec 2022 07:27:45 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d26b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-zombie.png
104.19.137.75200 OK 2.8 kB URL HTTP/2 img.pay4d.info/fish-zombie.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 88304eeaf81e9ebd296a0d0e2ddb7be2
32c2c254dfa81406883e0507339c538a4af5ce3b
fab65eee93acd119c34e221f22ca4029d06a9fa9a5d93b56be894e4247ff7d81
GET /fish-zombie.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 2760
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9384
content-disposition: inline; filename="fish-zombie.webp"
last-modified: Thu, 05 Aug 2021 09:13:00 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d14b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slide-pp-nv.jpg
104.19.137.75200 OK 162 kB URL HTTP/2 img.pay4d.info/banner/slide-pp-nv.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 162 kB (161728 bytes)
Hash 631b1a0163330b48491c892ca9c2fa36
f25078dd0b6b432c2d8488a5a4e17f6d1d84cb24
07e7ff9d6a8f2c5cd2470c50b2cf5bb2627068a7851e061456c28d2de569ac9d
GET /banner/slide-pp-nv.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 161728
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=404575
content-disposition: inline; filename="slide-pp-nv.webp"
last-modified: Tue, 07 Mar 2023 07:16:37 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d17b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-evo.png
104.19.137.75200 OK 1.2 kB URL HTTP/2 img.pay4d.info/live-evo.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a27aeaaf4f87ea70e9d8f179dab9c1d6
acd3b82f10cf00f0487ca7fe1e22ad662d4638fd
9d16857bece7fbf86f719af897f7a7036dd151d2fa4d31e2ae08f863e0dfe179
GET /live-evo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 1224
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4930
content-disposition: inline; filename="live-evo.webp"
last-modified: Sat, 24 Dec 2022 07:19:19 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cffb503-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
142.250.74.35200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hanabi188.nsp2d.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 17:33:08 GMT
expires: Thu, 21 Mar 2024 17:33:08 GMT
cache-control: public, max-age=31536000
age: 89877
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.postimg.cc/zv1BQJfv/pngegg-1.gif
162.19.88.69200 OK 206 kB URL HTTP/2 i.postimg.cc/zv1BQJfv/pngegg-1.gif
IP 162.19.88.69:0
File type GIF image data, version 89a, 650 x 650\012- data
Size 206 kB (206462 bytes)
Hash 8e6d20fb8c78a780d606ede44e92bba2
c5ade6dfe759d535c46c45ccddae020e58809f72
1b972af0f7c7a06adc242f1219879e84e22a55bfeea67cdef0e325f2aa826ef0
GET /zv1BQJfv/pngegg-1.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/gif
content-length: 206462
last-modified: Sun, 03 Jul 2022 20:07:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img.pay4d.info/icon-promo.png
104.19.137.75200 OK 15 kB URL HTTP/2 img.pay4d.info/icon-promo.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 11a8e2c003ba77a68232b9d691a26bec
44a0551575e11d99ba5af824dffa53da30ae290c
e5090f48858bf3a2ffc2caf8463340102846ca61ebeced2378f1749525e3be52
GET /icon-promo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 15448
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35857
content-disposition: inline; filename="icon-promo.webp"
last-modified: Fri, 13 Nov 2020 07:11:14 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30ceab503-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
142.250.74.35200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9588, version 1.0\012- data
Hash 55d912c794126956bb1e8f41597c131f
f7ade582dbe9d0efe97ae105cab313c6e45904d4
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hanabi188.nsp2d.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:29:39 GMT
content-type: font/woff2
age: 87954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/upload-Slides-20230315220154.jpg
104.18.25.123200 OK 175 kB URL HTTP/2 hanabi188.nsp2d.com/images/upload-Slides-20230315220154.jpg
IP 104.18.25.123:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:03:15 22:01:41], progressive, precision 8, 1900x380, components 3\012- data
Size 175 kB (174981 bytes)
Hash c6240d72ab5e3dd2c6c6d00fdb3ee490
702276d66c09744a52d606802e3fdf52ad0948e7
a475cb206899e3db0646017f48d110317385d42d11b36313e4a736410a00923c
GET /images/upload-Slides-20230315220154.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 174981
last-modified: Wed, 15 Mar 2023 15:01:54 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd22d171c12-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-tembakikan.png
104.19.137.75200 OK 2.1 kB URL HTTP/2 img.pay4d.info/mobile-tembakikan.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bfdeefb05e569edf1028afb65895653c
97478d745112e48f9400eaeab7e84c41c60ceec2
02f0b6b2e6ee24f5bf2774b69109e9f1f0c5d1deafda081ed4c48d62b90ab9dd
GET /mobile-tembakikan.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 2106
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5201
content-disposition: inline; filename="mobile-tembakikan.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d20b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picmid.jpg
104.19.137.75200 OK 34 kB URL HTTP/2 img.pay4d.info/picmid.jpg
IP 104.19.137.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash 9ff8825bea0abb9177794729b5932760
9424c5ff2b125bc8d319313875c90c5393183b36
18179e3e611fdec3356c387f78b85ff7201fd7ee6166eb5aff06aa851cbe4b82
GET /picmid.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 34044
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=36646, status=webp_bigger
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd31d24b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-hab.png
104.19.137.75200 OK 1.9 kB URL HTTP/2 img.pay4d.info/slot-hab.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 158c1eeabbd166126f46035ec5e6d457
83fa7159d10da9989fc9853ee6f96ab57b065e83
11bd40a973e0e088856ced2e923bb0badeb4291c9ea0d11386d9a469817eeda0
GET /slot-hab.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 1888
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5768
content-disposition: inline; filename="slot-hab.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cf5b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-jok.png
104.19.137.75200 OK 2.0 kB URL HTTP/2 img.pay4d.info/slot-jok.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c3d6ce73337d8098402370b95ce184d6
f82824809e6fc6b5bc0696c7dce5942ab17abac5
21cd86f323c17093d4d78ba1e98352a00c8459cb70d1135006cf1de90b0388b3
GET /slot-jok.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 2000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7983
content-disposition: inline; filename="slot-jok.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cfcb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picmid-b.jpg
104.19.137.75200 OK 15 kB URL HTTP/2 img.pay4d.info/picmid-b.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0c1529f020c074a7b842450c7f16a68d
8b43b7b243b9bf77b76752761e8b6f37b411eee6
19c25a970b6072f6ca8591da540cb3e206bba681ec5080360b6d01c740ebb5fd
GET /picmid-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 14562
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=43795
content-disposition: inline; filename="picmid-b.webp"
last-modified: Wed, 22 Feb 2023 08:07:21 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d25b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-casino.png
104.19.137.75200 OK 4.0 kB URL HTTP/2 img.pay4d.info/mobile-casino.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a4ec13dedac773682a95ad0357c883d9
ac08067b8b14c320590fd8e0d9f46fee95c98064
34d33f63decd18d046d7ce1eaa41df45fd546a36c020d1aa2460c68d4e382a05
GET /mobile-casino.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/webp
content-length: 3982
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8816
content-disposition: inline; filename="mobile-casino.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:05 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d1eb503-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/upload-Slides-20230315223043.jpg
104.18.25.123200 OK 310 kB URL HTTP/2 hanabi188.nsp2d.com/images/upload-Slides-20230315223043.jpg
IP 104.18.25.123:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:03:15 22:30:25], progressive, precision 8, 1900x380, components 3\012- data
Size 310 kB (309765 bytes)
Hash 94532df77ba842d4a3661ef02de11844
572c4ebe7b2bd6d8fc2ff3f5af60d4bb9ca40215
e597ef2df0846dab1c389822303066752c471c66da7fc7f807710f71b81a490d
GET /images/upload-Slides-20230315223043.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 309765
last-modified: Wed, 15 Mar 2023 15:30:43 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd22d181c12-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hanabi188.nsp2d.com/images/upload-Slides-20230315215107.jpg
104.18.25.123200 OK 259 kB URL HTTP/2 hanabi188.nsp2d.com/images/upload-Slides-20230315215107.jpg
IP 104.18.25.123:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:03:15 21:50:05], progressive, precision 8, 1900x380, components 3\012- data
Size 259 kB (259039 bytes)
Hash 11181372b73cfbe808d32542f825203f
3fa79ca088043804584d034f111e526655a577fc
855800e1a81ba3926e312d5eaa5a11fe57fb1c11b5e327cfe302f1476c13108d
GET /images/upload-Slides-20230315215107.jpg HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/jpeg
content-length: 259039
last-modified: Wed, 15 Mar 2023 14:51:07 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd22d141c12-OSL
X-Firefox-Spdy: h2
i.postimg.cc/CxNt2zbC/372108180-WHATSAPP-ICON-400.gif
162.19.88.69200 OK 796 kB URL HTTP/2 i.postimg.cc/CxNt2zbC/372108180-WHATSAPP-ICON-400.gif
IP 162.19.88.69:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 796 kB (796494 bytes)
Hash 9dd2848bf2d4b41d58a35fcff132a4b5
126644d379f82c9a9f9d0f1076ce287a39e782b8
963afb25d697cf3af04546a81116e0df20985d753956d5a92a0b4584f8d3bc0e
GET /CxNt2zbC/372108180-WHATSAPP-ICON-400.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/gif
content-length: 796494
last-modified: Fri, 01 Jul 2022 04:01:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/fonts/glyphicons-halflings-regular.woff2
104.18.25.123200 OK 18 kB URL HTTP/2 hanabi188.nsp2d.com/fonts/glyphicons-halflings-regular.woff2
IP 104.18.25.123:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/css/bootstrap.min.css
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: font/woff2
content-length: 18028
last-modified: Sat, 11 Mar 2023 03:45:10 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd3ff3a1c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/images/logo.png
104.18.25.123200 OK 58 kB URL HTTP/2 hanabi188.nsp2d.com/images/logo.png
IP 104.18.25.123:0
File type PNG image data, 450 x 131, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fb5b2d577b591bdcfcb9a59bf1f623b
4f68c52d66665e6f7114964bf048bf0210397d5b
7d7660faaabcad80a2b5e6bbfaa7aaa9e8f200604ab798e14f15c3c97c7be481
GET /images/logo.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
content-length: 57507
last-modified: Sat, 11 Mar 2023 06:13:57 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1ecae1c12-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-togel.png
104.19.137.75200 OK 2.8 kB URL HTTP/2 img.pay4d.info/mobile-togel.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 24ee8246bf5b00f82e391b3de2c9530d
44b86adefeab3260148aadfa367cf35c602b6761
04ea1ba435c65231d96bea3e735c0bc193beb05f7e921a354ef593dbfd7528fb
GET /mobile-togel.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 2816
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6237
content-disposition: inline; filename="mobile-togel.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d1cb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picright-b.jpg
104.19.137.75200 OK 21 kB URL HTTP/2 img.pay4d.info/picright-b.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11b3651cddd57d137ad1f9f632ca7360
7ac7d221ec9c1865dc06138b53fe870e6bccdb97
43c4b555f21c351bdd7b5953b63d93078c02def41fe3b333c85822aaca5bf5ef
GET /picright-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 20622
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=24384
content-disposition: inline; filename="picright-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30ce8b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-mg.png
104.19.137.75200 OK 1.1 kB URL HTTP/2 img.pay4d.info/slot-mg.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72
GET /slot-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="slot-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:42 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cfbb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picright.jpg
104.19.137.75200 OK 23 kB URL HTTP/2 img.pay4d.info/picright.jpg
IP 104.19.137.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash 4d21cb6ce4fcf78445d50ec994697f8b
df4d5433b0acbf6ee3a0db62663f071b2fb01275
b267ac51d20c09b4e5bb4f90f30fac9fb72c024f4448eff75cbccdba316da2e6
GET /picright.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/jpeg
content-length: 23329
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=26379, status=webp_bigger
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd31d28b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-all.png
104.19.137.75200 OK 2.5 kB URL HTTP/2 img.pay4d.info/live-all.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 80ab66e968b68828f745dbd67b94dfc8
18d70a225ba9f5c51d79d286178312966d339f76
bf207416b528a9c36145e5943266d17c909af991f3512d62636b85eb8232ab5f
GET /live-all.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 2548
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9511
content-disposition: inline; filename="live-all.webp"
last-modified: Mon, 07 Sep 2020 10:34:19 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d06b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slide-sg-maret22.jpg
104.19.137.75200 OK 92 kB URL HTTP/2 img.pay4d.info/banner/slide-sg-maret22.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 105c16964ad2e9baf7e2bf1a04a7c224
d7c82b054f90bee20a095af56d085d0dc826c847
b51ad128621c39ffbacd99b0c0d719145f10b7daa6b7c6a40cbedbeae422ab4f
GET /banner/slide-sg-maret22.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 91720
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=145104
content-disposition: inline; filename="slide-sg-maret22.webp"
last-modified: Fri, 17 Mar 2023 09:42:40 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d19b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-fishing-god.png
104.19.137.75200 OK 4.1 kB URL HTTP/2 img.pay4d.info/fish-fishing-god.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a0948f83578f51b07453a73d2e7feb0e
0e3f824762ed0f79c93200f05b8b631535e62d50
294f599a73342736676eb2d36724e27f9ace65053d1eec0d5267318608dcb49d
GET /fish-fishing-god.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 4084
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8579
content-disposition: inline; filename="fish-fishing-god.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d0eb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-sport.png
104.19.137.75200 OK 2.7 kB URL HTTP/2 img.pay4d.info/mobile-sport.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 02a8a80face04e69f3bfa68f686f57bb
61f8a41a95694c27a307199407af513dde0dc43e
d9cd2cc3ba7a11673f072f321e83694c7da5979c0adda00e26de15d9a1f43797
GET /mobile-sport.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 2730
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6408
content-disposition: inline; filename="mobile-sport.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d1fb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/icon-kontak.png
104.19.137.75200 OK 13 kB URL HTTP/2 img.pay4d.info/icon-kontak.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03428e550c367a0b470f6fe70d6d55c0
80b591a03333d4bec9e5ab54a0c3f4c1ed45367e
277e7027c4afd477229e58b7a992d3c43ec2b1406693a3283a8d5a59ceb09b1a
GET /icon-kontak.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 12922
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=28713
content-disposition: inline; filename="icon-kontak.webp"
last-modified: Fri, 13 Nov 2020 07:38:15 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cecb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/buku-mimpi.png
104.19.137.75200 OK 734 B URL HTTP/2 img.pay4d.info/buku-mimpi.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 47e11b51ac743eaa8cf239317b274ed5
2f8e7efe94b9a2bc33e4a2cfa5d56c767e53f2b6
e102b58cf346532436c7e47dc3e2e29fc53b5b550e0fcd1c4200aadce03bb7e6
GET /buku-mimpi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 734
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3014
content-disposition: inline; filename="buku-mimpi.webp"
last-modified: Sat, 30 Jan 2021 10:28:57 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d15b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-sg.png
104.19.137.75200 OK 2.8 kB URL HTTP/2 img.pay4d.info/live-sg.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5fde10bbbfdf170112f4bc9859955ed5
e73a68c4221288b52a848a67801f9bcd387ba2ea
60bb4f59c40e9ef9f1d2be56a2a7324a8750e339de1efb9b96840314b8581628
GET /live-sg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 2814
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11259
content-disposition: inline; filename="live-sg.webp"
last-modified: Thu, 10 Dec 2020 08:44:39 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d09b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-pp.png
104.19.137.75200 OK 1.4 kB URL HTTP/2 img.pay4d.info/live-pp.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1f1aa38c5a91ca20b6bfdee9245eebc2
5f00a7a39257fc368e3fcaaf0b923f6a9fd49bcf
57d9d0b26be6a4ea6d8894ff8dab03ea2c4400155146d5380281f4a589966e65
GET /live-pp.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 1418
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7765
content-disposition: inline; filename="live-pp.webp"
last-modified: Fri, 26 Jun 2020 07:51:40 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cfeb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/pop/mobile-opus.jpg
104.19.137.75200 OK 23 kB URL HTTP/2 img.pay4d.info/pop/mobile-opus.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8b2e99c2b1198e4e70265c4c22052d1d
c70cc9c8ef19d705c9e2f52c4ab117c144475bf8
416d4555bf08797962cca703a7875eff93bf5f4e229311f690d767a2b1fef425
GET /pop/mobile-opus.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 23202
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=50800
content-disposition: inline; filename="mobile-opus.webp"
last-modified: Fri, 17 Mar 2023 09:43:12 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cefb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-opus.png
104.19.137.75200 OK 1.3 kB URL HTTP/2 img.pay4d.info/live-opus.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ff58f7baf1903414b9e121fa194c01a0
9686d2811e39d923e00d3573d187e84dda29fdba
d68d2439ada8dcdb278433a33da32e2659f34ce90cc7c9023180bbd3dd92f54a
GET /live-opus.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 1330
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4303
content-disposition: inline; filename="live-opus.webp"
last-modified: Fri, 26 Aug 2022 10:55:33 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d04b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picleft-b.jpg
104.19.137.75200 OK 13 kB URL HTTP/2 img.pay4d.info/picleft-b.jpg
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 20e0f9d9ce6a4100cebc7f77d8153df7
306d38fdbdae137a1deadee107725863547f5d4c
08cab18237e450c3442a927499fd14b679ac31ce7fe0838bd77758bd567292e8
GET /picleft-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 12778
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=39642
content-disposition: inline; filename="picleft-b.webp"
last-modified: Wed, 15 Mar 2023 10:20:00 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d23b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-fishing-war.png
104.19.137.75200 OK 4.2 kB URL HTTP/2 img.pay4d.info/fish-fishing-war.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5de4388ad28949bab321d81e8afd639b
320c986e3c630e937333639364dcf80ef7dc19a2
54d4dfa543f1b8e4c544ce229b644b2671722eca476c6b8cb9df759e2375561f
GET /fish-fishing-war.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 4158
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=10616
content-disposition: inline; filename="fish-fishing-war.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d10b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-mg.png
104.19.137.75200 OK 1.1 kB URL HTTP/2 img.pay4d.info/live-mg.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72
GET /live-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="live-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:43 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d03b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-ttg.png
104.19.137.75200 OK 356 B URL HTTP/2 img.pay4d.info/slot-ttg.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3ce52bfdf47ac5aeec429c7d844f8309
20ecca3cdae26598825aca9d3180721585936d76
574449c76cb20fb822d17cec93a25ed069371c78d8f6e9efb0daa4924a411a56
GET /slot-ttg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 356
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2467
content-disposition: inline; filename="slot-ttg.webp"
last-modified: Sat, 14 Mar 2020 09:33:42 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cfdb503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/sport-sbo.png
104.19.137.75200 OK 916 B URL HTTP/2 img.pay4d.info/sport-sbo.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cae13d2cc7b31af8015e56b8fea2fc1e
27b5f0536f897c018485311e47acb4b6f28b5eac
d3373d5f14a658e23f379b60fbadf2d4439ffd043826cbe4f9efb13e7ac4b591
GET /sport-sbo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 916
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4025
content-disposition: inline; filename="sport-sbo.webp"
last-modified: Mon, 19 Dec 2022 07:31:08 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30d0db503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-cq9.png
104.19.137.75200 OK 1.2 kB URL HTTP/2 img.pay4d.info/slot-cq9.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c1a383f5c29c2a1abb0146f00f976edd
d044fc1b18c28a0129ef1ffbeba52166614d057e
cef9e6fabf6bc11ddbe76f0abec0e0f7106ba78a0b5499c3c640d82c8a7d6701
GET /slot-cq9.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 1182
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4157
content-disposition: inline; filename="slot-cq9.webp"
last-modified: Wed, 10 Nov 2021 17:01:06 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cf7b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-prag.png
104.19.137.75200 OK 1.4 kB URL HTTP/2 img.pay4d.info/slot-prag.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e7ecdf154298edbc92186de70734ff7
10402bf0a46147d1b1e6e41ded452c24faa6dce6
b13a36e2d82b2cd019af41f40af642d37641573770e11980ecc12e2dce55d713
GET /slot-prag.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 1416
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5251
content-disposition: inline; filename="slot-prag.webp"
last-modified: Wed, 18 Dec 2019 05:38:15 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cf1b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-pg.png
104.19.137.75200 OK 1.7 kB URL HTTP/2 img.pay4d.info/slot-pg.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 86ec152055228538f1a8f8943f179a97
ef30830c693272695c7cf5f2ac12679c75a2db18
a643c08a5d025958c4499731c62c3cc78663aa9c6bd2d567bbff38b4637b339b
GET /slot-pg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 1740
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5084
content-disposition: inline; filename="slot-pg.webp"
last-modified: Tue, 08 Jun 2021 09:18:38 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cf4b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-slot.png
104.19.137.75200 OK 3.0 kB URL HTTP/2 img.pay4d.info/mobile-slot.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bd496c55acc5fdb1ebe53c18e7b78a2e
256827a0c6474898129d22b1cfa7fadc88d96b70
414beef5dd52d21ddb304d58eedf9a6503a42523de9f54922c76f567343cdfc3
GET /mobile-slot.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 3002
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="mobile-slot.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd31d1db503-OSL
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
95.101.10.171200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
Hash ca1a1fad7045926f80ec420ab6ca655e
236a40dc90d1cf21d4fbec8f37a29e5aa81bc142
d0bcb77b6046af479839fc31f4f7f9765029706304ed8ed8319ba577e40d81b8
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 15 Mar 2023 09:03:42 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .nmbWTWYSt4mObEbpFmxweZDq.QZWcu.
server: AmazonS3
content-encoding: br
etag: W/"840d6e442c74218df05e0d3ded6c2d57"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: OZOokg-H8VdEBY_X8qqQ8rQcd5KR-iVNIeudULpmlHzp-r8tqSnqGQ==
content-length: 26391
cache-control: max-age=28800
expires: Fri, 24 Mar 2023 02:31:06 GMT
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
img.pay4d.info/slot-spad.png
104.19.137.75200 OK 1.3 kB URL HTTP/2 img.pay4d.info/slot-spad.png
IP 104.19.137.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d6290e499ede13e741045d26dfbd95bf
73a41f0d753bb0843be9bfb147e1999ced0e30d5
ccdb75fdea9558a8454442831c45017f205cd8729bc2f0399b91e1fb2473cd89
GET /slot-spad.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/webp
content-length: 1258
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4945
content-disposition: inline; filename="slot-spad.webp"
last-modified: Wed, 18 Dec 2019 05:38:16 GMT
vary: Accept
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac8bfd30cf9b503-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/banner-pg-lebaran.jpg
104.19.137.75200 OK 115 kB URL HTTP/2 img.pay4d.info/banner/banner-pg-lebaran.jpg
IP 104.19.137.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1900x380, components 3\012- data
Size 115 kB (114655 bytes)
Hash 249ed9b57827aa7322154efc78dc9456
93bc49697cb534c6358e8ce219d1880d4a9789c6
b484cfc93b1a7c5a029816fe78a102da5f5f05c46d200407c5f0ede72b1a79fc
GET /banner/banner-pg-lebaran.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: image/jpeg
content-length: 114655
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=123052, status=webp_bigger
last-modified: Tue, 14 Mar 2023 10:07:56 GMT
cf-cache-status: HIT
expires: Thu, 23 Mar 2023 20:31:06 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd31d18b503-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 2724bbf2cabe17dac62e6b3584ba5239
9ac02c7735e822ed2c73d5653a57a6a2d6516971
e5b64993f6ce2cef9f8e1cc048ed871f3aa18c816ff2c9920e9bd01b91fcae1d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 18:31:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 23:50:05 GMT
Expires: Mon, 27 Mar 2023 23:50:04 GMT
Etag: "9ac02c7735e822ed2c73d5653a57a6a2d6516971"
Cache-Control: max-age=364137,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac8bfd32c121c06-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2673
Expires: Thu, 23 Mar 2023 19:15:39 GMT
Date: Thu, 23 Mar 2023 18:31:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2673
Expires: Thu, 23 Mar 2023 19:15:39 GMT
Date: Thu, 23 Mar 2023 18:31:06 GMT
Connection: keep-alive
api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=15195606&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fhanabi188.nsp2d.com%2F%3Fapk&channel_type=code&jsonp=__mii1gafh2ta
95.101.10.171200 OK 383 B URL HTTP/2 api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=15195606&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fhanabi188.nsp2d.com%2F%3Fapk&channel_type=code&jsonp=__mii1gafh2ta
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (383), with no line terminators
Hash 37a4d0cd49a373362753622cf806dee5
dff63eaba28f1f0672d55b416a019619d38f265f
d00012008b45e196c573e72422b8eb463e9b6d9a40a0c55a4075023d15e1823f
GET /v3.6/customer/action/get_dynamic_configuration?license_id=15195606&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fhanabi188.nsp2d.com%2F%3Fapk&channel_type=code&jsonp=__mii1gafh2ta HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://hanabi188.nsp2d.com/;
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-frame-options: allow-from https://hanabi188.nsp2d.com/
content-length: 383
date: Thu, 23 Mar 2023 18:31:06 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2673
Expires: Thu, 23 Mar 2023 19:15:39 GMT
Date: Thu, 23 Mar 2023 18:31:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 3EQiNxuVVZEQZb14f9NC8565Ky3LV0Oj5JWg-_fVc9-B91xgBuHB5Q==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:48:05 GMT
age: 74581
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:33 GMT
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
age: 74854
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2062cf7a271d4ac7a04c0a746d443e07
3343851f2128c5f1fe4302c2aa53e8ce1fb661ac
e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqJhGnXIAMF1yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: lKww3e9Hvk0r0LPn7u6pu6Fx9V8RThNVxQEdyWVFAQdOun-53X-tLw==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:01:26 GMT
age: 73781
etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: g53sZY66fiEL8H79MzI7c7rqI-c-XxMvgB3myz79aw_lE9Aqgc66LQ==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:32:23 GMT
age: 39524
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:34 GMT
age: 74853
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:09:40 GMT
age: 73287
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=39825661-03b6-4369-bd31-8bfed25d139e&version=11.1.1.5.23.15.1.1.1.1.1.1.130&group_id=0&jsonp=__lc_static_config
95.101.10.171200 OK 1.6 kB URL HTTP/2 api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=39825661-03b6-4369-bd31-8bfed25d139e&version=11.1.1.5.23.15.1.1.1.1.1.1.130&group_id=0&jsonp=__lc_static_config
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4692), with no line terminators
Hash e045b98f0e7806a45dc0b986e3da54d5
264396b6cd928581ef07a9db8d9d6bd6dfb69133
55adc92a3173e35fef74780edeab9df8273b8128c87a288f414d86b0e75c9200
GET /v3.4/customer/action/get_configuration?organization_id=39825661-03b6-4369-bd31-8bfed25d139e&version=11.1.1.5.23.15.1.1.1.1.1.1.130&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
vary: Accept-Encoding
content-length: 1591
cache-control: public, max-age=600
expires: Thu, 23 Mar 2023 18:41:07 GMT
date: Thu, 23 Mar 2023 18:31:07 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=39825661-03b6-4369-bd31-8bfed25d139e&version=13159fb2ee05429e3ae48a4031b3d0e0_be72ed116730434001c7e58b768559df&language=id&group_id=0&jsonp=__lc_localization
95.101.10.171200 OK 4.0 kB URL HTTP/2 api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=39825661-03b6-4369-bd31-8bfed25d139e&version=13159fb2ee05429e3ae48a4031b3d0e0_be72ed116730434001c7e58b768559df&language=id&group_id=0&jsonp=__lc_localization
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11610), with no line terminators
Hash 8464ef330424bd71ad429426234812a6
652e480e6966b828a4b778c9bcd3291e0afac9ee
a3d7050fd4163777808144849fe13d183a2267c581a211f425ecdd0d20212691
GET /v3.4/customer/action/get_localization?organization_id=39825661-03b6-4369-bd31-8bfed25d139e&version=13159fb2ee05429e3ae48a4031b3d0e0_be72ed116730434001c7e58b768559df&language=id&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Thu, 23 Mar 2023 18:41:07 GMT
date: Thu, 23 Mar 2023 18:31:07 GMT
content-length: 3985
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=15195606&group=0&embedded=1&widget_version=3&unique_groups=0
95.101.10.171200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=15195606&group=0&embedded=1&widget_version=3&unique_groups=0
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 0fa67c2edb3d404fbb15d383b079eedf
43d8626b6e24dff3cf937cc4143c10049acaf352
072e11771425c25df2301aea4faf826eb985eabc76ca8e3854f2daa32429fdcd
GET /customer/action/open_chat?license_id=15195606&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Thu, 23 Mar 2023 18:31:07 GMT
content-length: 2559
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.56ff3dd7.chunk.js
95.101.10.171200 OK 70 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.56ff3dd7.chunk.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash d4a6c6921f876cd2f488f71c9c6cf75d
1d7ad268a3d997ea733358fb2a59bc1c63237228
a902ad487c258a2f2ca559f0c4f3cf540927d525ed75e733ff855569801839b7
GET /widget/static/js/1.56ff3dd7.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Mar 2023 09:29:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: xiuRP9ngsNjNTs9HmKs.2KjQwzL8hteR
server: AmazonS3
content-encoding: gzip
etag: W/"82d0dc19c8413c5682ac79122698124f"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 1Ju3aoLVwFnxywB-GMtF9U-LNufXAU6MGvOY5o_xLjag8KCa5ifzsg==
content-length: 69875
cache-control: max-age=31536000
expires: Fri, 22 Mar 2024 18:31:07 GMT
date: Thu, 23 Mar 2023 18:31:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/webdata.php?content=mobileapp
104.18.25.123200 OK 16 kB URL HTTP/2 hanabi188.nsp2d.com/webdata.php?content=mobileapp
IP 104.18.25.123:0
File type HTML document, ASCII text, with very long lines (47600)
Hash 96a55e5b849ded4fea2bcc6c19396134
8a8c42c7dfecdf46846c7483a77b7f1e0c5ecddf
95dc1eeaf474450554f047d46382e00dd97cce27b4d928d820aaaa120c6c0f89
GET /webdata.php?content=mobileapp HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ac8bfd92dee1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
95.101.10.171200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Fri, 22 Mar 2024 18:31:07 GMT
date: Thu, 23 Mar 2023 18:31:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
95.101.10.171200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Fri, 22 Mar 2024 18:31:07 GMT
date: Thu, 23 Mar 2023 18:31:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/webdata.php?content=broadcast
104.18.25.123200 OK 1.2 kB URL HTTP/2 hanabi188.nsp2d.com/webdata.php?content=broadcast
IP 104.18.25.123:0
Hash 7561bab75000071fb931a2fd588c79ea
4aa9a57f0269a668b3752e0531956e61ba819b49
3e0c18275b852cad89abc93ce0dfc165dbd971bd34daec50022bc80c512facd4
GET /webdata.php?content=broadcast HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ac8bfd91de31c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/favicon.png
104.18.25.123200 OK 77 kB URL HTTP/2 hanabi188.nsp2d.com/favicon.png
IP 104.18.25.123:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 1da28189e921b13e80682666dc8825e0
9b99687a9d49140a194d72b77d7e9bccf69df389
1bfec8f4b662c5f8cb5e9a6f39725a5cd457b2c7b839650d967e0f5984dd52ea
GET /favicon.png HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:07 GMT
content-type: image/png
content-length: 76686
last-modified: Wed, 15 Mar 2023 12:16:28 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:07 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfe01ea01c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/webdata.php?content=desktopapp
104.18.25.123200 OK 2.8 kB URL HTTP/2 hanabi188.nsp2d.com/webdata.php?content=desktopapp
IP 104.18.25.123:0
Hash 85a1fe14a0b8492f678cb186db8167d5
56aae3277ba1ec7391751868770a1dfaf24159d8
bec4f62d2888a389f0f2d48578d1646d09263d9d18bb10cb17cdb61fd7501b55
GET /webdata.php?content=desktopapp HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ac8bfd92df01c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.livechatinc.com/v2/customer/token
95.101.10.171200 OK 195 B URL HTTP/2 accounts.livechatinc.com/v2/customer/token
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash fc857b14878ac6cff8aaa95d14a7120e
404b311dbad18fa2008e2843a39c2adf46733127
8b7b634be4d95b7a8551255b9139a0f9e380eedd31a0a02efb35ff5dbb0aa220
POST /v2/customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 225
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 195
date: Thu, 23 Mar 2023 18:31:07 GMT
set-cookie: __lc_cid=05c1be46-55c7-45ae-9c4d-6b1b946322ac; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 23 Mar 2025 18:31:07 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=39396355cd8ddf40c2d381ca75f83e9270bf143281e09a7cf02585ae7d9ef43c161f40c847a5ed5c44dcff9e7f96b7cc34e4c65b7e2a7595b455162d5348; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 23 Mar 2025 18:31:07 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=05c1be46-55c7-45ae-9c4d-6b1b946322ac; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 23 Mar 2025 18:31:07 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=39396355cd8ddf40c2d381ca75f83e9270bf143281e09a7cf02585ae7d9ef43c161f40c847a5ed5c44dcff9e7f96b7cc34e4c65b7e2a7595b455162d5348; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sun, 23 Mar 2025 18:31:07 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1679596297&tag=d29ad7ba96ff2685869738ea7e1c2350a7215311; Path=/; Expires=Thu, 23 Mar 2023 18:31:37 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
api.livechatinc.com/v3.4/customer/rtm/ws?organization_id=39825661-03b6-4369-bd31-8bfed25d139e
95.101.10.202101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.4/customer/rtm/ws?organization_id=39825661-03b6-4369-bd31-8bfed25d139e
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.4/customer/rtm/ws?organization_id=39825661-03b6-4369-bd31-8bfed25d139e HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EzFs4EBNY4qr0k7tkMVqMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: U9UJ6hyPw2ThZyx+uu/9NGgK/p0=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2024-05-31
Date: Thu, 23 Mar 2023 18:31:08 GMT
Upgrade: websocket
Connection: Upgrade
cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F15195606%2F0%2Fec%2F1b067e90bba4678359efbd5fda9b6f10.png
95.101.10.171200 OK 17 kB URL HTTP/2 cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F15195606%2F0%2Fec%2F1b067e90bba4678359efbd5fda9b6f10.png
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type PNG image data, 350 x 150, 8-bit colormap, non-interlaced\012- data
Hash 8d3da1bff1d92f12d389d3c35dac5c85
443f486a2f506ecaa3203f24a9a98741991263e1
ff10dd84715e7e967782ed90e1e22c6f58c4a75d1c74909d08eb91bf72883cf3
GET /cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F15195606%2F0%2Fec%2F1b067e90bba4678359efbd5fda9b6f10.png HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
content-length: 17084
access-control-allow-origin: *, *
content-type: image/png
cache-control: public, max-age=63071999
expires: Sat, 22 Mar 2025 18:31:08 GMT
date: Thu, 23 Mar 2023 18:31:09 GMT
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/js/jquery.pause.min.js
104.18.25.123200 OK 0 B URL HTTP/2 hanabi188.nsp2d.com/js/jquery.pause.min.js
IP 104.18.25.123:0
GET /js/jquery.pause.min.js HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: application/javascript
last-modified: Sat, 11 Mar 2023 03:45:59 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd23d331c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/webdata.php?status=time
104.18.25.123200 OK 0 B URL HTTP/2 hanabi188.nsp2d.com/webdata.php?status=time
IP 104.18.25.123:0
GET /webdata.php?status=time HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ac8bfd92df41c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.4a9c5b18.chunk.js
95.101.10.171200 OK 0 B URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.4a9c5b18.chunk.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
GET /widget/static/js/iframe.4a9c5b18.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Mar 2023 09:03:45 GMT
etag: W/"ee1ee2e924d64b378d63f6a05a6ffdf0"
x-amz-server-side-encryption: AES256
x-amz-version-id: He6acq_HduuELcp3HP_QIcEBoA.Bhwcc
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 3z4Oe3XdOJxpBjTgq4ZgRaB47rN2hjOCjYjf5spGGsTzHGvLXdcUhg==
content-length: 206377
cache-control: max-age=31536000
expires: Fri, 22 Mar 2024 18:31:07 GMT
date: Thu, 23 Mar 2023 18:31:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/?apk
104.18.25.123200 OK 0 B IP 104.18.25.123:0
GET /?apk HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: text/html; charset=UTF-8
x-frame-options: Deny
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
set-cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67; path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ac8bfcedff71c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/m/capimg.php?3077
104.18.25.123200 OK 0 B URL HTTP/2 hanabi188.nsp2d.com/m/capimg.php?3077
IP 104.18.25.123:0
GET /m/capimg.php?3077 HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: image/png
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ac8bfd1fcc61c12-OSL
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/css/bootstrap.min.css
104.18.25.123200 OK 0 B URL HTTP/2 hanabi188.nsp2d.com/css/bootstrap.min.css
IP 104.18.25.123:0
GET /css/bootstrap.min.css HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: text/css
last-modified: Sat, 11 Mar 2023 03:51:10 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1eca31c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/css/mediaduo.css
104.18.25.123200 OK 0 B URL HTTP/2 hanabi188.nsp2d.com/css/mediaduo.css
IP 104.18.25.123:0
GET /css/mediaduo.css HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: text/css
last-modified: Sat, 11 Mar 2023 03:45:04 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1ecad1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
172.217.21.170200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
IP 172.217.21.170:0
GET /css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 18:31:05 GMT
date: Thu, 23 Mar 2023 18:31:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/js/webduo35.js
104.18.25.123200 OK 0 B URL HTTP/2 hanabi188.nsp2d.com/js/webduo35.js
IP 104.18.25.123:0
GET /js/webduo35.js HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: application/javascript
last-modified: Sat, 11 Mar 2023 03:46:00 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd23d2f1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
hanabi188.nsp2d.com/css/webduo.css
104.18.25.123200 OK 0 B URL HTTP/2 hanabi188.nsp2d.com/css/webduo.css
IP 104.18.25.123:0
GET /css/webduo.css HTTP/1.1
Host: hanabi188.nsp2d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/?apk
Cookie: PHPSESSID=o39msitkcm324k5rgpo8b78n67
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:31:05 GMT
content-type: text/css
last-modified: Sat, 11 Mar 2023 06:16:31 GMT
cf-cache-status: MISS
expires: Thu, 23 Mar 2023 22:31:05 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8bfd1eca71c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
185.244.209.62200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
GET /npm/bootstrap@3.4.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hanabi188.nsp2d.com
Connection: keep-alive
Referer: https://hanabi188.nsp2d.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 18:31:06 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.4.1
x-jsd-version-type: version
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-03-14T12:14:45+00:00, 2023-03-14T12:15:47+00:00
x-id: am3-up-gc88, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2