w.lai6yd.cyou/ypf-qsv2/tb.php?qk=qf1675099004563
172.67.156.218200 OK 529 B URL HTTP/1.1 w.lai6yd.cyou/ypf-qsv2/tb.php?qk=qf1675099004563
IP 172.67.156.218:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (527), with CRLF line terminators
Hash 2d309e262bd905f6cd55789a303a0e84
f20ba0381b30e81fb9ee4b4ac5e76df60bdbd881
05857ce317ef7dff922377120e9aaec04164267ed13730bd613cec8026989e00
GET /ypf-qsv2/tb.php?qk=qf1675099004563 HTTP/1.1
Host: w.lai6yd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvw8FZkeHz2w8%2FIPJJhEnYr8ls7QJRWqceaN1e1aC3uahdjqcXv7x99rNjx4SM5AngoNGuzWPcxkzG69y%2BnnYqJYvoTFKMlcrXWpwWGu6%2FIW6wOgMvWQ11tJSb8z3OWV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791bde8dedb7b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3194
Expires: Mon, 30 Jan 2023 18:12:07 GMT
Date: Mon, 30 Jan 2023 17:18:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3008
Expires: Mon, 30 Jan 2023 18:09:01 GMT
Date: Mon, 30 Jan 2023 17:18:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 16:35:45 GMT
content-type: application/json
age: 2588
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5581
Expires: Mon, 30 Jan 2023 18:51:54 GMT
Date: Mon, 30 Jan 2023 17:18:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kuFQA3n/Cxb1oJU+wJ4CGUsH3GBau3minFX89+bnhnQygU/u7cDk1hANS/dTXXo2bWZiYYDyM7g=
x-amz-request-id: XV7KAS1AAN8G5MGB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 16:50:48 GMT
age: 1685
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
w.lai6yd.cyou/favicon.ico
172.67.156.218200 OK 455 B URL HTTP/1.1 w.lai6yd.cyou/favicon.ico
IP 172.67.156.218:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
GET /favicon.ico HTTP/1.1
Host: w.lai6yd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://w.lai6yd.cyou/ypf-qsv2/tb.php?qk=qf1675099004563
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:53 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEodr1wAwtYSEbHQ6S%2BLI7TOhoyIGlsCeMN3b0mqnPibS45sNxR4Yx9pAMUZ4fAs9AIPmD8Sq6h6J7KWsK4foGNx002AYKM%2BYtQswVSS%2FUoSMBzRBmpUWSUqNlo%2B6GbR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bde8fe8cfb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
w.lai6yd.cyou/j/og2.js?_t=1675099146480
172.67.156.218200 OK 942 B URL HTTP/1.1 w.lai6yd.cyou/j/og2.js?_t=1675099146480
IP 172.67.156.218:0
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
Analyzer Verdict Alert fortinet Phishing
GET /j/og2.js?_t=1675099146480 HTTP/1.1
Host: w.lai6yd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://w.lai6yd.cyou/ypf-qsv2/tb.php?qk=qf1675099004563
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Tue, 31 Jan 2023 05:18:53 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2kHTecYrIAzxJmYoMESqeO0Fz1thhAC8j24WQoPevlj733vsoQQkOOFjKf%2Bu0PwWxmtseEPEd0iEuXTBfjTfXiBwQT%2B8vnvsWhUCkOcvx3egQukm02Aw1q6hF%2F7rNtL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791bde90c9d8b4f3-OSL
alt-svc: h2=":443"; ma=60
w.lai6yd.cyou/j/og2.php?_t=1675099146596
172.67.156.218200 OK 98 B URL HTTP/1.1 w.lai6yd.cyou/j/og2.php?_t=1675099146596
IP 172.67.156.218:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7bc63527ef4a3f39fe1565e030ef256b
e0217f96298815ceb290ac3102e6c4dd1afc9c46
a9bfa69f46ef1b6f445a31deb520707910bb1f4bf9ddcd0699c1a958a4a3cf30
POST /j/og2.php?_t=1675099146596 HTTP/1.1
Host: w.lai6yd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 46
Origin: http://w.lai6yd.cyou
Connection: keep-alive
Referer: http://w.lai6yd.cyou/ypf-qsv2/tb.php?qk=qf1675099004563
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7%2FloJm8ASy0QNpW%2FhJMdFBqHCwi1QdNvS8zKSjzG%2BSyLY5FtXzXp0YmntbwA%2BXaUqJmE8doA0j9t6tbE4f6nTVDfNwkYqbLt%2BhhfwZmg%2FfqbxAtJYrWaGOA27Rsq4lJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791bde916aa1b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c1cd094d3473f9f857cac9b92c6ba289
3344f1ad7db9e211ca3947249215a131eafe8d75
062aea35e3de4c5f4d5e2bad65aaac96ca1e7838e81e5dbad82b12c02a9be958
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "062AEA35E3DE4C5F4D5E2BAD65AAAC96CA1E7838E81E5DBAD82B12C02A9BE958"
Last-Modified: Sat, 28 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10024
Expires: Mon, 30 Jan 2023 20:05:57 GMT
Date: Mon, 30 Jan 2023 17:18:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 16:49:04 GMT
age: 1789
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c1cd094d3473f9f857cac9b92c6ba289
3344f1ad7db9e211ca3947249215a131eafe8d75
062aea35e3de4c5f4d5e2bad65aaac96ca1e7838e81e5dbad82b12c02a9be958
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "062AEA35E3DE4C5F4D5E2BAD65AAAC96CA1E7838E81E5DBAD82B12C02A9BE958"
Last-Modified: Sat, 28 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10024
Expires: Mon, 30 Jan 2023 20:05:57 GMT
Date: Mon, 30 Jan 2023 17:18:53 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
151.101.129.229200 OK 2.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
IP 151.101.129.229:0
File type ASCII text, with very long lines (16263)
Hash bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341
GET /npm/select2@4.1.0-rc.0/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 17:18:54 GMT
age: 26519640
x-served-by: cache-fra19146-FRA, cache-bma1634-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2162
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
151.101.129.229200 OK 21 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
IP 151.101.129.229:0
File type ASCII text, with very long lines (65317)
Hash b5ae87c0e4dd241b533e67053b0b719d
6b7b568694a95d81a94dea9ef7a85d1317d448dc
5bae5997fbca925ac6e52be8163ca897e751fcc9331552e0f77a22dd35b64521
GET /npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.1.1
x-jsd-version-type: version
etag: W/"189ae-CRAs/GDvtDCiXul87ppqNd9t/Fk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 17:18:54 GMT
age: 7755247
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1634-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20556
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20961
Expires: Mon, 30 Jan 2023 23:08:15 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
File type gzip compressed data, from Unix\012- data
Hash e686d0aa9b2f7cc8d1a2778b088c649f
9ec14f723672d8fbe6668da20e629b249c74cd9f
e85809d4b9b75092ea06cb7e97f0d0338aa11ef83de44d3866bfcbaf9d6736e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 316ee2d146b2f63cdd0d215a3a42ad03
55a32bd94554387b8c843d195d57c812c677e500
2624c12a292bdebecbe2df173c84204748622e76f5e44739d811e9ba21b997bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2624C12A292BDEBECBE2DF173C84204748622E76F5E44739D811E9BA21B997BC"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Mon, 30 Jan 2023 18:33:26 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 08aba3833b7e833311e93419de06016f
634ff92572fafbef13cd995168b982910235fc30
ea1342c5fe6099b0cf4e700f9e961264b86559fc1e7c6c572b043216c2c5f4bb
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "18517AD7C5A5D5800B3B51AADA833E5CAC0E7DD6"
Expires: Tue, 31 Jan 2023 04:00:00 GMT
Last-Modified: Mon, 30 Jan 2023 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1732
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bde942a10fab8-OSL
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP 142.250.74.168:0
File type ASCII text, with very long lines (19467)
Hash 302fcdf621ca8deacf81b588a1c3c3b0
ce83b45662a5c9b56dace95bbbb89450d9d9417a
fc94ed8fae3435b1f28e9a2f37f5b6aadb3153207561c72f8ecd2d2e24c297d9
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:18:54 GMT
expires: Mon, 30 Jan 2023 17:18:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP 142.250.74.168:0
File type ASCII text, with very long lines (19467)
Hash 2b49f7085f56ec6d4bb0bf90295dc4d6
6713b0ebafd7a160725aa1b6741a35b505337354
0c322f5827c6fdc9a2f2a21979dc9317369df7c44d0e470ddcae3709c3ab4dcb
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:18:54 GMT
expires: Mon, 30 Jan 2023 17:18:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c4a4bd19dc4151309a9231b14009f52
8b6a996323901484805618d0abebd28b5c07f24f
4d9c32e31016c61e9cad45fe516b4a14bde3d6576573bfb125e249efc7262e9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9C32E31016C61E9CAD45FE516B4A14BDE3D6576573BFB125E249EFC7262E9B"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8401
Expires: Mon, 30 Jan 2023 19:38:55 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
cdnbun.com/upload/agtsy-zuo.png
172.64.164.25200 OK 1.6 kB URL HTTP/2 cdnbun.com/upload/agtsy-zuo.png
IP 172.64.164.25:0
File type PNG image data, 69 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb551769e47fab1f7377bba4a81ecba
ab2bb70a9b6cef30c2232819a32f62c38d954622
8a4a8d1dab9904d863fd67c876c12f8b236ca29d79a75bf0bd6cf9d5b68dc524
GET /upload/agtsy-zuo.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/png
content-length: 1638
x-guploader-uploadid: ADPycds2lHhWhd6CBSELmUBuAEUA4oxj4DXcIGiULtzevJUzGjatA3qN89lAwftcp0J310lDwAodiwfuTmV8gUiFxVRR
expires: Mon, 30 Jan 2023 17:31:39 GMT
cache-control: public, max-age=14400
last-modified: Wed, 02 Nov 2022 17:36:34 GMT
etag: "2cb551769e47fab1f7377bba4a81ecba"
x-goog-generation: 1667410594551364
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1638
x-goog-hash: crc32c=wSylhg==, md5=LLVRdp5H+rH3N3u6SoHsug==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnokzTb5WRysyC8vZ2T2okidh4%2FeB6TkvBdfqXuGt5rCdC5tODsd76QHWDbIkCR7DGPaBJsRffnbuP9LzEuP0GAEjVOz5peEuAjxo0nyAuQC05NX7w1%2FYBGPxPfk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde950b6e3855-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
cdnbun.com/upload/petropargov.box2.png
172.64.164.25200 OK 2.3 kB URL HTTP/2 cdnbun.com/upload/petropargov.box2.png
IP 172.64.164.25:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 33caf1d4d36d6691df1728b2c631a168
efa186e88d8198f61408e20c330e85bdbd9aa47f
f4fc0653f2de6002678aaba6c114282293e30228b6d5589adcaf25406f8d5f29
GET /upload/petropargov.box2.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/png
content-length: 2343
x-guploader-uploadid: ADPycduFSHiig4h2FPZNAIM8HtsWrfryqFs81rTDPjZ91SXZEGwCJBf-ZdbzRjqhtLln0kBC4a-0Qn-eZj5rpUOMOjIP
expires: Mon, 30 Jan 2023 17:31:39 GMT
cache-control: public, max-age=14400
last-modified: Wed, 02 Nov 2022 18:14:32 GMT
etag: "33caf1d4d36d6691df1728b2c631a168"
x-goog-generation: 1667412872747640
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2343
x-goog-hash: crc32c=HuFjDA==, md5=M8rx1NNtZpHfFyiyxjGhaA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfdEnWW7UP8ZQokxHpHlLahintth7UwGiG9G7P7xtWBuMq4V1AiOVS92Rpio3DFWvpQ3F1Dd%2BSvlZSzwhV93DmyEW91DXRTyNT8kEH2i%2FMK4hpOXA1ywO8HfADPl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde951ba23855-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
cdnbun.com/upload/agtsy-you.png
172.64.164.25200 OK 329 B URL HTTP/2 cdnbun.com/upload/agtsy-you.png
IP 172.64.164.25:0
File type PNG image data, 46 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash af7d340d921da2e90844058a86e78da3
3b20b3398c00ffb81f60c7ee2cb2cff61b4f9542
9536c4aee44dce0aa08fe54aefde8ed24927f4aaad64343f09f0449f0406d08e
GET /upload/agtsy-you.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/png
content-length: 329
x-guploader-uploadid: ADPycdvQ4tJT6fCOvYwVYEbnNKIQQvtP8jQFsmiAKx2stJ9onHstxT18Zm09_EvAL2Jk0cj27eJ3ZMgCxuWcw0NatLC_z1fVahyv
expires: Mon, 30 Jan 2023 17:31:39 GMT
cache-control: public, max-age=14400
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Wed, 02 Nov 2022 17:36:35 GMT
etag: "af7d340d921da2e90844058a86e78da3"
x-goog-generation: 1667410595135623
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 329
x-goog-hash: crc32c=BG1utQ==, md5=r300DZIdoukIRAWKhueNow==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsbVWrAdte8Z6dOAL3BI7TiLY%2FTS1ZhfL3ia5VGPA7sU7zhmU99GFOrJ5pVM6a6eUTL9U6boExsSBYCpRFsHE2KflT%2FF08mBgV8ZVSZb3JjCy5T3CATFPOjid6MF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bde952bac3855-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
172.64.164.21200 OK 26 kB URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 172.64.164.21:0
File type ASCII text, with very long lines (65321), with CRLF line terminators
Hash eb0c7f2db5d118067a4ec956457fcef4
4cfb89e61da8323dada61052484442a8b4799193
20365098ab85f60a2de957c84a99f45901f730481b781ffb5154eed7054cbf4c
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: text/css
x-guploader-uploadid: ADPycdu1gxpiPS08v65ejSyWJ6gtfHZpcsepSs3IWtEOIkbdCNyOtcM2ty9EePRH4AYvdz3ej4P_RYV58hFL7Ow21tI
expires: Mon, 30 Jan 2023 17:54:46 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3oIRVk6AEi%2FOg9SqLpO%2BzfWkxQ2jfrgVBMTTxpQxBw5zUQV9QlMq34%2ByNeiMZG3l185u%2BikXtZ0cyioZ2i%2F10VGOm19AiXkf8W0gw9YdVE2hdvWQHutamljGOt77FR23ss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde93f86224e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/petropargov.box1.png
172.64.164.25200 OK 8.4 kB URL HTTP/2 cdnbun.com/upload/petropargov.box1.png
IP 172.64.164.25:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b2da5ac46210fccbe09d0802516d833
32b4775faa5ab6ba6d2603a8cdf75af0994ed206
7269799413853af43da297f5dd0a9a959c106c6864e33a338f2a0041220fd0a4
GET /upload/petropargov.box1.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/png
content-length: 8376
x-guploader-uploadid: ADPycdvY0QYirwzN-09pY_7i7XOPoNo_eZJw9GL13XDp1Yy25D2ylqvWmGzi3VeeuzYx2_keOLpdOAdRjtkBet7O9KEQhw
x-goog-generation: 1667412872857532
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8376
x-goog-hash: crc32c=/1XhBA==, md5=Ky2lrEYhD8y+CdCAJRbYMw==
x-goog-storage-class: STANDARD
expires: Mon, 30 Jan 2023 17:31:39 GMT
cache-control: public, max-age=14400
last-modified: Wed, 02 Nov 2022 18:14:32 GMT
etag: "2b2da5ac46210fccbe09d0802516d833"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WixCBv4WU0MatvXuoaciVB%2Bykno024CfaVhtaUnwkP5ZqugZtWYwitoXQzRkE2xiRamBIbsdTNSTOOs8vIciM4ZsQ2QOdEPiqCEzOzV5N2iCMl9i11afN1KrX4hH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde958c483855-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.120.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.120.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0ZTC12g2zteK7lqYdhfvDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e6hpu5u75RjnwtTxFw9N2Wv2Gqo=
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85ba32d40423f063f2de6d43daa58a91
69766ae7408fa215ec8d2e5c52bdd520e525bdc1
cf8b546f1431c16b1c8b9613fc060488cefa4ad1e136487451a116dc5745fa56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CF8B546F1431C16B1C8B9613FC060488CEFA4AD1E136487451A116DC5745FA56"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13464
Expires: Mon, 30 Jan 2023 21:03:18 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Mon, 30 Jan 2023 15:04:34 GMT
expires: Fri, 27 Jan 2023 22:59:37 GMT
cache-control: public, max-age=86400, no-transform
age: 8060
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnbun.com/upload/agtsy-img.jpg
172.64.164.25200 OK 86 kB URL HTTP/2 cdnbun.com/upload/agtsy-img.jpg
IP 172.64.164.25:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Hash 3ad3019d5c86791d30c0f5e00b126a3e
7231c4ffbf716457f81892e1ca2def81db595e6a
c6dc3a583d35112b6132af8554898aec77e322a59b314b2567cc6383cc1efa0a
GET /upload/agtsy-img.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 86168
x-guploader-uploadid: ADPycdv7eTFOF2MtwWvoBg03B0gpLLvazBMK2UX6pBTAVv8ch2qBWviv3QcLce3A7RwRkuM7AeVEysh9-T4t5NDWOEH9p7BdshxR
expires: Mon, 30 Jan 2023 17:31:39 GMT
cache-control: public, max-age=14400
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Wed, 02 Nov 2022 17:36:35 GMT
etag: "3ad3019d5c86791d30c0f5e00b126a3e"
x-goog-generation: 1667410595043829
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 86168
x-goog-hash: crc32c=1L6vHA==, md5=OtMBnVyGeR0wwPXgCxJqPg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSPm%2FUE6hfrte6WvTBFkLqqRbelPJXEbUHeIo0P13n1KJuN3KyHC%2FOaawYzmGzEZkMDJnRZWB6PSGxYSPasi2%2F6mNTJQczHH7zhGcV4koUrJOs7HBaxsEGI%2BnUGH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bde95ac8b3855-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Mon, 30 Jan 2023 15:04:34 GMT
expires: Mon, 23 Jan 2023 07:16:14 GMT
cache-control: public, max-age=86400, no-transform
age: 8060
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnbun.com/upload/petropargov.box3.png
172.64.164.25200 OK 23 kB URL HTTP/2 cdnbun.com/upload/petropargov.box3.png
IP 172.64.164.25:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash e82188b058b7b5ce55721a60f81072cd
bc7f3c45d9e420716c68a9095328d375445d1f70
4f357b619b51b46549eac459f654f850bdff21ca0fa4ed958c2a3c36b5886bd7
GET /upload/petropargov.box3.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/png
content-length: 23230
x-guploader-uploadid: ADPycdtX2l7S9i87sjGDfq6mlauI26U7gpNr1k8zXwzUbnGDGCupnCjL1ZFcnnvNmlclR_EeniarSW7EFNClaeVD93Rh4OXtogfg
expires: Mon, 30 Jan 2023 17:31:40 GMT
cache-control: public, max-age=14400
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Wed, 02 Nov 2022 18:14:32 GMT
etag: "e82188b058b7b5ce55721a60f81072cd"
x-goog-generation: 1667412872943324
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 23230
x-goog-hash: crc32c=QcJbbQ==, md5=6CGIsFi3tc5Vchpg+BByzQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuJitjT9FTbVVtIQrBTDgtnoY3i%2BelUhxzDZE98YOYOrzU%2Fphk7XZ21IRyiv3xCGsWvO%2FA%2FmMxOzTdJrvPz%2F1ZxwpX6NtVq5x6Fxj6IUlphmF7tcGadA7FwcUvh3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bde95ccc53855-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85ba32d40423f063f2de6d43daa58a91
69766ae7408fa215ec8d2e5c52bdd520e525bdc1
cf8b546f1431c16b1c8b9613fc060488cefa4ad1e136487451a116dc5745fa56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CF8B546F1431C16B1C8B9613FC060488CEFA4AD1E136487451A116DC5745FA56"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13464
Expires: Mon, 30 Jan 2023 21:03:18 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
263cdn.com/upload/br10.jpg
172.64.104.2200 OK 9.2 kB URL HTTP/2 263cdn.com/upload/br10.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 6a36efd6781ff0769c3cd9fd8cd07d60
c4ce25b82fd7555f88da9d04b8498389166d6450
838a9dcc32e1009417bf460b730de6febc3c77c3f98977f9a25e58d9e760b754
GET /upload/br10.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 9192
x-guploader-uploadid: ADPycdvqub2ECaq1iaLHEnoxcbDZUPAgVsSEFtgtkJgGzou9cizT_-6OXb-uwNj6GcdvOwmGIGMx4FIZoY8ADGj4n_QU3KgMDGEW
x-goog-generation: 1655329825994897
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9192
x-goog-hash: crc32c=VkzUBQ==, md5=ajbv1ngf8HacPNn9jNB9YA==
x-goog-storage-class: STANDARD
expires: Mon, 30 Jan 2023 17:17:05 GMT
cache-control: public, max-age=14400
age: 3392
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "6a36efd6781ff0769c3cd9fd8cd07d60"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8uR5TKrhWYK8PdMdDKOpEOfEI7rZJ1Zpr8FLSUo8%2BmGNsiB85WMIrCXIfLB4nN0%2FuX3bvvdS8%2BNyNZ%2Fojkm7v01duKHVkyHSK8VjgA%2FHBKPmPu7r5Oq5e5aOMLK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde9658b976d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br8.jpg
172.64.104.2200 OK 11 kB URL HTTP/2 263cdn.com/upload/br8.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash cde75f5893c6a09c97962401bff1f651
42c491819e3011dab6cb1644f4e3ad16fcbdcf63
7fa0e99909ddb658f9d01b276d3280f209c1cbf0530ee26b8602a9b63ddc2a1f
GET /upload/br8.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 10919
x-guploader-uploadid: ADPycdtkx_vPLMlDQAzMTYDa8Z1xViwwh1fQUNAvk4DgE4HE1saEqCKGJ88N22xnJMGDGYiKah3bCkL0-xB48jxohBZyvGwTtlry
expires: Mon, 30 Jan 2023 16:23:44 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "cde75f5893c6a09c97962401bff1f651"
x-goog-generation: 1655329826503145
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10919
x-goog-hash: crc32c=I0QPWg==, md5=zedfWJPGoJyXliQBv/H2UQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3392
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2I70sl2vCIfNkAqZ%2BAvr6DIBeKy%2BaPz3w7t95XF6BHKJ3G2qhb%2BTv0SleuxzJk3FeVQLrwTTjN%2F2o0SBnR4b6Pz0BDhfYwfcPGJ1P6qJz5Ctkn2LLT%2FEBz4S79Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde9658b576d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br9.jpg
172.64.104.2200 OK 11 kB URL HTTP/2 263cdn.com/upload/br9.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash f13809c2eef4af36e6221e0c321cc639
ace9af813be3c79f27b39fbf110ac3152b804947
addcc62106b16e6f000ee0879b54eb595000e0b6626268b7a08d3d2ce2f33330
GET /upload/br9.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 10562
x-guploader-uploadid: ADPycdu7S89hatRqdei3ngXyMGR0o04SudiRgWQi1IfJRHv4fPMozHkyrugDDlint8eNSFc5pfYDm8D3fDNRY3JqeXIQ1w
x-goog-generation: 1655329826660494
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10562
x-goog-hash: crc32c=IaTdpw==, md5=8TgJwu70rzbmIh4MMhzGOQ==
x-goog-storage-class: STANDARD
expires: Mon, 30 Jan 2023 16:44:50 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "f13809c2eef4af36e6221e0c321cc639"
age: 3392
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAeQpEIavGNSdwEcxuvhR0lEvhpBiKVPTx3dmOrscrXxEQEEq6VuWCaXl%2F8wGICp0k%2FjX8QOnAP0%2BkfV45bmtTWb5nfVRLlpDsHmT%2BG6KeExbY9wlY1pqCygsaNE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde9658b676d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br7.jpg
172.64.104.2200 OK 7.1 kB URL HTTP/2 263cdn.com/upload/br7.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 348a1fc1775375a2041c4f46c1e857f1
8f4f78aceafbc18f26e413b8adbddbbbdfb1a5e9
ba98581166a1948bd0b688755e4c3b11d5279345cb73a1c4372ada9f31b0cb54
GET /upload/br7.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 7121
x-guploader-uploadid: ADPycduUR4jtmPKn0pJlbKBivDQCpgTXr-A_bZ8kW_lp_Yhw8SkgtlrWbrqSslNaHytmLAM90vbhlUOm68fduEdzOu8RNA
x-goog-generation: 1655329826514326
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7121
x-goog-hash: crc32c=Z1w3fg==, md5=NIofwXdTdaIEHE9GwehX8Q==
x-goog-storage-class: STANDARD
expires: Mon, 30 Jan 2023 17:15:10 GMT
cache-control: public, max-age=14400
age: 3392
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "348a1fc1775375a2041c4f46c1e857f1"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ls4lC8Y6JdFFoUH%2FIEyfkUP97mzxHZf1FVu40yv%2Fvi%2FbXaa0glyAT4bbL%2BNUGu9ga%2BiTk1Lk4AqioaERQGklPDw7ou%2FvNoznBHtPN5%2BaaZmAm10ZY3%2BanOAOrDp0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde9658b476d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85ba32d40423f063f2de6d43daa58a91
69766ae7408fa215ec8d2e5c52bdd520e525bdc1
cf8b546f1431c16b1c8b9613fc060488cefa4ad1e136487451a116dc5745fa56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CF8B546F1431C16B1C8B9613FC060488CEFA4AD1E136487451A116DC5745FA56"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13464
Expires: Mon, 30 Jan 2023 21:03:18 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85ba32d40423f063f2de6d43daa58a91
69766ae7408fa215ec8d2e5c52bdd520e525bdc1
cf8b546f1431c16b1c8b9613fc060488cefa4ad1e136487451a116dc5745fa56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CF8B546F1431C16B1C8B9613FC060488CEFA4AD1E136487451A116DC5745FA56"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13464
Expires: Mon, 30 Jan 2023 21:03:18 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
263cdn.com/upload/br1.jpg
172.64.104.2200 OK 13 kB URL HTTP/2 263cdn.com/upload/br1.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash bc47b6cdd393ad728b28819a6e55c2e7
e0874c0e94f333fc246097f34a9f2a83c522ad12
094b0e993e6af7f549a6d0fd128cfd6697e865b1866580ec12debbdbf2548565
GET /upload/br1.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 13420
x-guploader-uploadid: ADPycdtmbYJZozolH1IKNQxpH-y-5PKWQNudR7JW9CTBf7RHZY8PpskoB7cmYRYP0cc7eAIyAYIoIZejutHXVLQVAK86Dg
x-goog-generation: 1655329825934733
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13420
x-goog-hash: crc32c=mWHaiQ==, md5=vEe2zdOTrXKLKIGablXC5w==
x-goog-storage-class: STANDARD
expires: Mon, 30 Jan 2023 17:27:16 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:25 GMT
etag: "bc47b6cdd393ad728b28819a6e55c2e7"
cf-cache-status: HIT
age: 1097
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P29UWZ8PSVa1qIQKvvXikLNSxZfo90IiO1dEgvuFKTFa1FF3l0gvzbpiiVLgWY08HFK5mq3t%2B7giKbzPsAZViaamsgs%2BGnXLglU1eWQVzwjzXYyYEqI9qf2uqWty"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde9658b276d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br2.jpg
172.64.104.2200 OK 14 kB URL HTTP/2 263cdn.com/upload/br2.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 32983c2f4b03d1249fb67313e66137c3
78e522f9e90dd0b492c569da47c60e2b430997e2
fecb1d9535690acb0adf0f834ff111a15285118107eaff6ee479b54aec2dddb0
GET /upload/br2.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 14395
x-guploader-uploadid: ADPycdvGYqRjDuhONkdcuRnzNHh80fG48ZI7LIbBEWlMXR2bgJI-xeIbrK_cmaNlktVsUD1inRSGWefzJ3Om7aWE4TKftQ
expires: Mon, 30 Jan 2023 17:27:16 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "32983c2f4b03d1249fb67313e66137c3"
x-goog-generation: 1655329826154693
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14395
x-goog-hash: crc32c=u9T/jw==, md5=Mpg8L0sD0SSftnMT5mE3ww==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1097
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANKaUoZPOOYHYkoetC6p%2FUSuYuP22RT2fBPosJGXfDbqblBcvPLcofPs1P73FPjJZ8b7cF6lLi%2FfvK31XIBj754RjrlxeeSvEg46AaEJvM7Ur%2BkffbnYLv04hp3j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde9678ff76d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/br5.jpg
172.64.104.2200 OK 9.2 kB URL HTTP/2 263cdn.com/upload/br5.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 7f635454c838bd3ccfa7f9550dfbd91b
a7872ff6f626bab2ec04c3ee05fb4e00586e5444
542a9cbe8f09d55dbab27b9357dabc18ad34fd1713aab9247ebe91d7ce188d7e
GET /upload/br5.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 9198
x-guploader-uploadid: ADPycdumf_vHq1PhzfLPOis1KfaAMkM8el1U6PzbT0wd5UCFbnTBr4tYvRR9TXvR80yBw4N24JtOOGgXRWQSq9fJMPS-D4ULy-rJ
expires: Mon, 30 Jan 2023 17:27:16 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "7f635454c838bd3ccfa7f9550dfbd91b"
x-goog-generation: 1655329826310264
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9198
x-goog-hash: crc32c=k6EtFA==, md5=f2NUVMg4vTzPp/lVDfvZGw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7nVccTKCocVClpGJiT2muOof0PzaoonYAKvCqfp8oESeLRnoO6GF6LR%2BIcmEyM1zftSJTha8p68NviqefRhAZjtvRIaZWYsvf%2BnGho0VrbEoRUmjWf2dsSeu01u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde96790476d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jzupsq.cyou/U1IHYDzV/ypf-qsv2/?_t=1675099146646
188.114.97.1200 OK 25 kB URL HTTP/2 jzupsq.cyou/U1IHYDzV/ypf-qsv2/?_t=1675099146646
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 386449ac0c2f9682e2e977e4402cc919
2731d20c5ab5623f7352d34986f1ec9b618b2f83
9513e93b475330d432c72a77fff1843b2ba26925551df1517241edef0b36060d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /U1IHYDzV/ypf-qsv2/?_t=1675099146646 HTTP/1.1
Host: jzupsq.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://w.lai6yd.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pType=mo; expires=Mon, 30-Jan-2023 17:30:53 GMT; Max-Age=720; path=/; domain=jzupsq.cyou
ypf-qsv2-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.jzupsq.cyou
ypf-qsv2-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.jzupsq.cyou
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2lbPSdAwJYFvPTx82lGqn1saNqPjfmKkGLe5YsyoK8xjBP%2Fx1NwwpZD2Ig5fhl6IrxPBqzLlSX3sRHGP7QnXWVNfXuGaKYDP%2Bj22G1svHFZcb5onhw8CWXnDNnpuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bde9218090b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br4.jpg
172.64.104.2200 OK 14 kB URL HTTP/2 263cdn.com/upload/br4.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash a4a4c0d4a70735b72b417784f0b70f53
eb8ab5c4f709d800fc43f2c1969b830b785cbd87
76f67ceb044c404c2f95482e5d69275692989060e8612f57c4d2ca5ec6137b96
GET /upload/br4.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 13791
x-guploader-uploadid: ADPycduTbgPm452yqy8cFXgCY-fVmHSTSw-ssgRF4R41zEm1kqtZlaDyExvYz4qOYcBFOefgrX9pgDTNf1GvC8gSI1yrIXet7-9L
expires: Mon, 30 Jan 2023 17:15:10 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "a4a4c0d4a70735b72b417784f0b70f53"
x-goog-generation: 1655329826227801
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13791
x-goog-hash: crc32c=vRJnew==, md5=pKTA1KcHNbcrQXeE8LcPUw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1097
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZefgKg3Nuqq88m%2FpWNL733bgzq4NBVg1c87f%2FCELL8yx%2Bi0K76kjuXGsq3t%2B2XhNQnBor9g3hzaoZt45uQ3sofdWg%2FnvVDzuek07uwLcPtVsnru0DA5o%2FeN7E%2FS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde96a93e76d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85ba32d40423f063f2de6d43daa58a91
69766ae7408fa215ec8d2e5c52bdd520e525bdc1
cf8b546f1431c16b1c8b9613fc060488cefa4ad1e136487451a116dc5745fa56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CF8B546F1431C16B1C8B9613FC060488CEFA4AD1E136487451A116DC5745FA56"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13464
Expires: Mon, 30 Jan 2023 21:03:18 GMT
Date: Mon, 30 Jan 2023 17:18:54 GMT
Connection: keep-alive
263cdn.com/upload/br6.jpg
172.64.104.2200 OK 13 kB URL HTTP/2 263cdn.com/upload/br6.jpg
IP 172.64.104.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 5aaba2df99467b22c9aba3b73f4d7716
05bbaa23e54f06f28d9f79dabb6184480edd924d
835cbfb92c8564b94e00760d85fa2d4839729e48d9085bbdb150b5bae8a5ab8f
GET /upload/br6.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: image/jpeg
content-length: 13307
x-guploader-uploadid: ADPycdtUBUZzPUFp2Y7tM2CCcQXY1JzXDQyIRhoY_xi1ztKxMXjjGklSFa15dtXlTzJdRVdJ-rFkdq_e8xLn6_pk3zu_Ij1FXLXz
expires: Mon, 30 Jan 2023 17:15:10 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "5aaba2df99467b22c9aba3b73f4d7716"
x-goog-generation: 1655329826365830
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13307
x-goog-hash: crc32c=mUw5og==, md5=Wqui35lGeyLJq6O3P013Fg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwX4ZhwghIxi%2BRk40qQRYInUkpLPIJbp3VLPdhgAfGI0kCWEXDe9pw7izISz4TrCPkV3LN5an7GIqSbL2C51oNUPl2XRP8pCsXC0H%2Bysx0h%2FDJpKNqc4ceqw%2Bqgx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde96a94276d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 89086667f6ed6d6b5cd0560f56590bce
3713db85315606d927b997c1da8ba9a7e04255e1
dfccfc12b8d43ed87ab681feb045bc0673b7b16250f22dcd7c8a108f4663b749
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 15:40:14 GMT
ETag: "3713db85315606d927b997c1da8ba9a7e04255e1"
Last-Modified: Mon, 30 Jan 2023 15:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2208
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bde996e3cfab8-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.9 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash f075d34f9037034a6fcd183bda0b9f94
b8811e8024ade9be614f62efa7763e8707dfb16e
5889b5d548315d3fab36201e7e5fe74f549259a05be4d50c331b5eb577dbc0ed
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:18:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 15:40:14 GMT
ETag: "3713db85315606d927b997c1da8ba9a7e04255e1"
Last-Modified: Mon, 30 Jan 2023 15:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2208
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bde996cbb0b39-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oe1p0&_p=1124084542&cid=1113018119.1675099147&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099147&sct=1&seg=0&dl=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646&dr=http%3A%2F%2Fw.lai6yd.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oe1p0&_p=1124084542&cid=1113018119.1675099147&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099147&sct=1&seg=0&dl=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646&dr=http%3A%2F%2Fw.lai6yd.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LW7434MYMN>m=2oe1p0&_p=1124084542&cid=1113018119.1675099147&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675099147&sct=1&seg=0&dl=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646&dr=http%3A%2F%2Fw.lai6yd.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jzupsq.cyou
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://jzupsq.cyou
date: Mon, 30 Jan 2023 17:18:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167509913423129&xtt=2867912
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167509913423129&xtt=2867912
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167509913423129&xtt=2867912 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 30 Jan 2023 17:18:54 GMT
last-modified: Mon, 30 Jan 2023 17:18:54 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6721
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 17:18:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6721
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 17:18:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6721
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 17:18:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 70006
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 69497
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 69947
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 73958
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 69858
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 69814
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 12 kB URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
Hash 9cac7fbbd7de22222ccef1a9e17e43de
f514c8b31315eaef9043ab4881f01e08273b4b9b
8a6473e599f9c0bd0f959361731a988765aff901dfea9450c3f769019ac9cc90
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: application/javascript
expires: Mon, 30 Jan 2023 17:18:54 GMT
last-modified: Mon, 30 Jan 2023 17:18:54 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 570feb456b832be21f5024ba01124853
7480bda05bf961b9f8d1534e0b78c35e01c4e51d
25b0d4e36162da62256ef1fa038362a8e14d614941e2e640b1acfbd11e2bf87a
GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:18:55 GMT
Etag: cb6b015084afe4d3fb46de795af8fcf1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4E52A35BEEF63CE5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 430c70f25f52cdd85b0adde9ec4aa48d
b5dde9e9b9a642a8e1cf34553e4ad255422733e6
bed8529145605a91691cb45df583fe580f416908886fd10eae180aac34f780c8
GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:18:55 GMT
Etag: 9940bc41e5f801b36c952f6c7a603ea5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6DD412BCC2654E86; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?fb5c0efbaa67712d369184d9298dc644
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?fb5c0efbaa67712d369184d9298dc644
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (661)
Hash 4a337fc0dbbc862d91d9ccbc5a0fa19c
fcf35a44de41777b1e09a4e73557fb61cf0b94fd
7ed34963a822229bd869031f90c1e6732e7d455c0db06e81a1286a3f18695084
GET /hm.js?fb5c0efbaa67712d369184d9298dc644 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11299
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:18:55 GMT
Etag: aa4decfeb8cde750e1b965448dab720e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A69109F8858B5A91; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=206141946&si=9e84975b629767c58a8becc81600bb23&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=206141946&si=9e84975b629767c58a8becc81600bb23&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=206141946&si=9e84975b629767c58a8becc81600bb23&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:18:55 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2073B153062575D7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=344114695&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=344114695&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=344114695&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:18:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7798BD245B6C431F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=495826156&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=495826156&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=495826156&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:18:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9B3B7B7A3915926C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=725032273&si=fb5c0efbaa67712d369184d9298dc644&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=725032273&si=fb5c0efbaa67712d369184d9298dc644&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=725032273&si=fb5c0efbaa67712d369184d9298dc644&su=http%3A%2F%2Fw.lai6yd.cyou%2F&v=1.3.0&lv=1&sn=24549&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FU1IHYDzV%2Fypf-qsv2%2F%3F_t%3D1675099146646%231675099147818 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:18:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9017C9ACC2C3A499; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:18:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Catamaran:800&display=swap
142.250.74.74200 OK 875 B URL HTTP/2 fonts.googleapis.com/css?family=Catamaran:800&display=swap
IP 142.250.74.74:0
Hash 84f3b8e3f16087870297b1faa94126ec
bd02caae88224ede8485c820b4fa9c0c500ea5de
ff9f263651cd8263a0ba177378f843f78ba7a5b8be92e60e0c2a207defcf606d
GET /css?family=Catamaran:800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 17:18:56 GMT
date: Mon, 30 Jan 2023 17:18:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 821be1244aa3da68d62dd2cfd95fbdb7
b161da0bee24153383761099bcd67a88eff18ee0
e8aa7e537948ab41c6bcd7808f20421bc5fdf50189ceedbc598de3dac563bf1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8AA7E537948AB41C6BCD7808F20421BC5FDF50189CEEDBC598DE3DAC563BF1A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4057
Expires: Mon, 30 Jan 2023 18:26:33 GMT
Date: Mon, 30 Jan 2023 17:18:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 821be1244aa3da68d62dd2cfd95fbdb7
b161da0bee24153383761099bcd67a88eff18ee0
e8aa7e537948ab41c6bcd7808f20421bc5fdf50189ceedbc598de3dac563bf1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8AA7E537948AB41C6BCD7808F20421BC5FDF50189CEEDBC598DE3DAC563BF1A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Mon, 30 Jan 2023 19:46:37 GMT
Date: Mon, 30 Jan 2023 17:18:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 821be1244aa3da68d62dd2cfd95fbdb7
b161da0bee24153383761099bcd67a88eff18ee0
e8aa7e537948ab41c6bcd7808f20421bc5fdf50189ceedbc598de3dac563bf1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8AA7E537948AB41C6BCD7808F20421BC5FDF50189CEEDBC598DE3DAC563BF1A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4057
Expires: Mon, 30 Jan 2023 18:26:33 GMT
Date: Mon, 30 Jan 2023 17:18:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 821be1244aa3da68d62dd2cfd95fbdb7
b161da0bee24153383761099bcd67a88eff18ee0
e8aa7e537948ab41c6bcd7808f20421bc5fdf50189ceedbc598de3dac563bf1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8AA7E537948AB41C6BCD7808F20421BC5FDF50189CEEDBC598DE3DAC563BF1A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Mon, 30 Jan 2023 19:46:37 GMT
Date: Mon, 30 Jan 2023 17:18:56 GMT
Connection: keep-alive
bonepa.com/4fe48aebd6/4f59451604/?placementName=Banner&is_first=true&randomA=0_6045&maxw=0
185.66.201.42200 OK 7.0 kB URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Banner&is_first=true&randomA=0_6045&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33450), with no line terminators
Hash 7cb790c1dce59029362eca880604e930
8536aa9d8ca7f7799b9108de05beba40e958510d
d51e30ba94769bd197e96c500ceff8bceaae3b91b2da78fc1506c478c96a32e7
GET /4fe48aebd6/4f59451604/?placementName=Banner&is_first=true&randomA=0_6045&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Tue, 31-Jan-2023 17:18:56 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633605=1; expires=Tue, 31-Jan-2023 04:59:59 GMT; Max-Age=42063; path=/; secure; SameSite=None
total_impressions=1; expires=Tue, 31-Jan-2023 04:59:59 GMT; Max-Age=42063; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
172.64.164.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 172.64.164.21:0
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycduIPxBxn9HV1RvlxQW5n8gWMNt2gH6LJACR5zSppFALBLzrzJxa_8ctHWVRnxFIChP9qRRTmrjDnfJ9VGLfuaiuefHrtsZR
expires: Mon, 30 Jan 2023 17:01:53 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWtn2R%2BrqQYXqOa3JFDfYGbwUfyWUkh2ufTs5ELcfZwiRYCKmeHluKz%2FbM8Yrxd4Bzmw%2F78JxnLI8Dbw7to8ozUbtCcq0A8eDafUaUQrcJUWZrvDs1ia7FG4OSgI8FKp3l4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde93f85624e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/rocket.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/rocket.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/rocket.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:26:15 GMT
vary: Accept-Encoding
etag: W/"5d9da7b7-160b5"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/shark.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/shark.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/shark.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:26:04 GMT
vary: Accept-Encoding
etag: W/"5d9da7ac-197f9"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/monster.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/monster.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/monster.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:26:27 GMT
vary: Accept-Encoding
etag: W/"5d9da7c3-6f44"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/spider.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/spider.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/spider.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:25:50 GMT
vary: Accept-Encoding
etag: W/"5d9da79e-f2f2"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/unicorn.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/unicorn.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/unicorn.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:24:51 GMT
vary: Accept-Encoding
etag: W/"5d9da763-20b52"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/fire.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/fire.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/fire.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:26:37 GMT
vary: Accept-Encoding
etag: W/"5d9da7cd-17dc1"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
172.64.164.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 172.64.164.21:0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycduvncBLA0gxm2jhB0xBiFcB9ljkEJNPjkQtZv47AnL5fPX0bMXS2cf5SLGxbSyGNf7QQBvdtKZagx9cccWcvqeCNqbuvQ
expires: Mon, 30 Jan 2023 18:06:27 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0It4GwfidLFxr3jLsUPziydh5kOKFhUc0DL2E7%2F%2FfYHWrCYi%2FF5eKJ7%2F2KU8nBJsYdQJQkWs6tbVuyPOaMdmuLqehZGXFmQFuVnH7jrZUDjLslmS7HvbJCpty5SePDN6oc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde93f85d24e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/water.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/water.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/water.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:24:25 GMT
vary: Accept-Encoding
etag: W/"5d9da749-1ac32"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/tsunami.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/tsunami.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/tsunami.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:25:19 GMT
vary: Accept-Encoding
etag: W/"5d9da77f-15e0e"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/tornado.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/tornado.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/tornado.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:25:36 GMT
vary: Accept-Encoding
etag: W/"5d9da790-a397"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
172.64.164.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 172.64.164.21:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdtaXO8Pt4mYxS4tkg36SiMjVR6jjL7hB9EkK5aPNXJ0rrhhBXOw5gRmhJXZ1IYlvDk2NYpvsCE76nxT_QCLJq2KEg
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
expires: Mon, 30 Jan 2023 16:54:45 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
cf-cache-status: HIT
age: 1799
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhS9AybI80QAr90Lbjmsh%2Bj8kF8YxYf0OpmDsJmLkgmxzhQbPkIvnuAAOeKhy1KEnXuzpgeVZkhQM0uPeN2ZhL4MzcO66BJIb56Orv6b8%2B1w%2FrY1xOTGBYSTbdHItT2WSyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde93f86424e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
172.64.164.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 172.64.164.21:0
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycduBJeczL34Fvv9CSG8cSkqydq7iCeR_jCmOfQB5qU4sf79MEXqRyNxK75Up_HX1Mqv3OV7JZo24-ffqVzW7jI8
expires: Mon, 30 Jan 2023 17:14:00 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 682
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqlhjd%2BPgk%2FlBFh%2BAJbfabhJDbRTTfI%2BAkJVdLwEoyTDlJo%2BHTlOdBzeJ9tVJubIaLGX79EbE%2FV3vsVm6S2Ue3bc98Wc1CjEMh%2Ft1NM7nH9P6%2FUi0Gsl9NAtY2JvF5FL2uc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde93f86824e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
172.64.164.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 172.64.164.21:0
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:18:54 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdvCxHltiuPjHL-zbbsBVwle0-vgYS2_pOmv1wzzQZrGSBqUE4vr5WQ_17FuwcGb_O0Ved79CT2MXZTd7QgSd4c
expires: Mon, 30 Jan 2023 17:04:23 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2725
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ju%2FnbuCeLOwjBNYZq9hzfZX2xOfVBUFIi%2BfCNV3dc7IwReKMgG6M9BLj7caXWjUWsQwPgvUngBXhxhMkzJyrut4FVmFd9rh%2Be00WlOt2IASWOCX8k0jvuhA23iLovGa8oN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bde93f86324e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/genericImages/breaking-news/ufo.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/genericImages/breaking-news/ufo.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /genericImages/breaking-news/ufo.jpg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:18:56 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2019 09:25:05 GMT
vary: Accept-Encoding
etag: W/"5d9da771-13b4b"
expires: Wed, 01 Mar 2023 17:18:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2