fibredepict.cn/usps/tb.php?
104.21.18.111200 OK 558 B URL HTTP/1.1 fibredepict.cn/usps/tb.php?
IP 104.21.18.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (558), with CRLF line terminators
Hash 1d64a2f8771d604a8561a6907b0a9374
5dc805e01cccecbd67322a9538b26f36d3607357
8806561a1de4b06f0085c55feec0e2bd043f6826ce14db37de20f56656c921be
GET /usps/tb.php? HTTP/1.1
Host: fibredepict.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 23:12:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKvqrHx%2B8zjd1GLHdpYST4cIBud4LslnIRq%2Bosqmb5NjHRc6VQGXtH%2FM1zDnLghQ3qHFs2EJdkhcU7Cgnr7QXcib4rvaDnkxIpHtHgu4kwosVtxPCoJmMIGkVzQrn%2BbhAw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7737bf81badcfabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5169
Expires: Sat, 03 Dec 2022 00:38:42 GMT
Date: Fri, 02 Dec 2022 23:12:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3090
Cache-Control: max-age=130212
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:33 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:22:45 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 22:18:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3260
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2793
Expires: Fri, 02 Dec 2022 23:59:06 GMT
Date: Fri, 02 Dec 2022 23:12:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZzSzvTZjWkOD0bNn+HAoGqHFLF7byHX6EfIeZXyHm4Dtap2BhFJ66l73wjdMy7BG+UR/wgocQOg=
x-amz-request-id: V9TD35NB47D1R23B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 22:46:18 GMT
age: 1575
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 23:12:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fibredepict.cn/favicon.ico
104.21.18.111200 OK 455 B URL HTTP/1.1 fibredepict.cn/favicon.ico
IP 104.21.18.111:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
GET /favicon.ico HTTP/1.1
Host: fibredepict.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fibredepict.cn/usps/tb.php?
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 23:12:34 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XQ5UmJ2kHuXLOGI169FxKdBLHFifSCb38XYAkcLOBodaJZbKdTTEG5vExdXN33abqGxkXi%2BzWdw6S%2BdMeXGwR8yxCeBfDzQTtInWDbkXAjFPfr2VmfYr9NqhcIbN7B8bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7737bf84ac65fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fibredepict.cn/j/og2.js?_t=1670022752162
104.21.18.111200 OK 942 B URL HTTP/1.1 fibredepict.cn/j/og2.js?_t=1670022752162
IP 104.21.18.111:0
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
GET /j/og2.js?_t=1670022752162 HTTP/1.1
Host: fibredepict.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fibredepict.cn/usps/tb.php?
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 23:12:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Sat, 03 Dec 2022 11:12:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oDmXMD4hVXLA9BPUdlpG13LvZHtXC2c67K%2FmT%2FykY75p28ZP4F7bV8mY5PyQCnit0VqsmCG9Lc1usb%2BCkLQUbdcBYgH1K4foSQ11QmH1NsJrajJg%2FOtnm231makvhtbig%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7737bf850904b4ff-OSL
alt-svc: h2=":443"; ma=60
fibredepict.cn/j/og2.php?_t=1670022752308
104.21.18.111200 OK 99 B URL HTTP/1.1 fibredepict.cn/j/og2.php?_t=1670022752308
IP 104.21.18.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1bae817fc9d2da888160b0c5ff96d227
0ac7adaf2d3194995fb57305172e6df77a15ab37
9b0bb513e73251e2b3957a22904dadcd06c48e5bb01a36480b00dcc160c9d8b2
Analyzer Verdict Alert fortinet Phishing
POST /j/og2.php?_t=1670022752308 HTTP/1.1
Host: fibredepict.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 43
Origin: http://fibredepict.cn
Connection: keep-alive
Referer: http://fibredepict.cn/usps/tb.php?
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 23:12:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ee692GFpTLaoLWb261YZAncXtsHjomIi88b3VR41T66LCjCTayr4zcBWxLe42WWLEB9qdBleZ23kt2gqZwmGaW8jjLnVLdpvx0KiVoCFM%2FQig32C1LqNtGVB5SRuWBtqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7737bf85c9a9b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 23:08:57 GMT
cache-control: public,max-age=3600
age: 217
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/RvgOJmVlwCk
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/RvgOJmVlwCk
IP 142.250.74.131:0
Hash f505757141d33d18c089eb8722c95153
bc551680d87ba8193b9753d6d6ce40539064bea3
ae927bd7a70087c887f1e4dc7f58d2c2c273137de380929d5ac1fdc5c0c27dc9
POST /s/gts1p5/RvgOJmVlwCk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3070
Cache-Control: max-age=125130
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:34 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:58:04 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/RvgOJmVlwCk
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/RvgOJmVlwCk
IP 142.250.74.131:0
Hash f505757141d33d18c089eb8722c95153
bc551680d87ba8193b9753d6d6ce40539064bea3
ae927bd7a70087c887f1e4dc7f58d2c2c273137de380929d5ac1fdc5c0c27dc9
POST /s/gts1p5/RvgOJmVlwCk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
151.101.129.229200 OK 21 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
IP 151.101.129.229:0
File type ASCII text, with very long lines (65317)
Hash b5ae87c0e4dd241b533e67053b0b719d
6b7b568694a95d81a94dea9ef7a85d1317d448dc
5bae5997fbca925ac6e52be8163ca897e751fcc9331552e0f77a22dd35b64521
GET /npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.1.1
x-jsd-version-type: version
etag: W/"189ae-CRAs/GDvtDCiXul87ppqNd9t/Fk"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 23:12:34 GMT
age: 2678868
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20556
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d0af05ae775bf61d09d44fd26f3296c7
9d1055b15bb3fc4070c8699ab584f8a28538deda
aebed117bf97f74e7283a12dab3bdc536c7b38dea3bb206e5af269d8e42e6d93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5950
Cache-Control: max-age=156849
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:34 GMT
Etag: "638a30d5-117"
Expires: Sun, 04 Dec 2022 18:46:43 GMT
Last-Modified: Fri, 02 Dec 2022 17:07:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d0af05ae775bf61d09d44fd26f3296c7
9d1055b15bb3fc4070c8699ab584f8a28538deda
aebed117bf97f74e7283a12dab3bdc536c7b38dea3bb206e5af269d8e42e6d93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5950
Cache-Control: max-age=156849
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:34 GMT
Etag: "638a30d5-117"
Expires: Sun, 04 Dec 2022 18:46:43 GMT
Last-Modified: Fri, 02 Dec 2022 17:07:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
151.101.129.229200 OK 2.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
IP 151.101.129.229:0
File type ASCII text, with very long lines (16263)
Hash bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341
GET /npm/select2@4.1.0-rc.0/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 23:12:34 GMT
age: 21443260
x-served-by: cache-fra19146-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2162
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51bee50d4281f6ae4500162ac6fd95ad
b6ea851df0de976cb0489305cf00757633146bf3
03a1f1caa3730754264e77c6b8df08080b4e183b212280c63e4eaccdb401713b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03A1F1CAA3730754264E77C6B8DF08080B4E183B212280C63E4EACCDB401713B"
Last-Modified: Thu, 01 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2968
Expires: Sat, 03 Dec 2022 00:02:02 GMT
Date: Fri, 02 Dec 2022 23:12:34 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
172.217.21.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP 172.217.21.168:0
File type ASCII text, with very long lines (20080)
Hash c6eaed2deac95dec37af10be393ce37c
959e291647fb6ba21398d70e5a62e3fd74aceee7
fc504617c12f897fbd8b0838cfd99ef0e5f5656818c4215eeeb2143e241b83b2
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 23:12:34 GMT
expires: Fri, 02 Dec 2022 23:12:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 838628252d73c6bffd9c69f6869c44e0
62235d9890ed5c8056ecefca18e926560a1adb3c
87faf5247771d375fcc61d0f90ef3695c52a65a4749a84c61a19c1f073e60fef
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 23:12:34 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2B647D79FC61E410636300A5955EBD24792CBA50"
Expires: Sat, 03 Dec 2022 10:00:00 GMT
Last-Modified: Fri, 02 Dec 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1241
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7737bf8a78ae1c06-OSL
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
172.217.21.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP 172.217.21.168:0
File type ASCII text, with very long lines (20080)
Hash 17f7c71e377c39e2aed49562d8148605
3cf8eebe7bd2d8945e433f39a9a143e32b2e5792
ed2422fc90cb5f4ea13faf99fd7a066150210a6b89352f2a36bc527f1e84ec3e
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 23:12:34 GMT
expires: Fri, 02 Dec 2022 23:12:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 192308a99b557bed384aecc29e85f66b
0943c11e5b7fca30176cdde5e1fc19553b0ab3e8
b59fee4ddee8362fc93d3d3b159a3bc0d541099db4deb6837ed4baa587ff73ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B59FEE4DDEE8362FC93D3D3B159A3BC0D541099DB4DEB6837ED4BAA587FF73FF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11691
Expires: Sat, 03 Dec 2022 02:27:26 GMT
Date: Fri, 02 Dec 2022 23:12:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d0af05ae775bf61d09d44fd26f3296c7
9d1055b15bb3fc4070c8699ab584f8a28538deda
aebed117bf97f74e7283a12dab3bdc536c7b38dea3bb206e5af269d8e42e6d93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5951
Cache-Control: max-age=156849
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:35 GMT
Etag: "638a30d5-117"
Expires: Sun, 04 Dec 2022 18:46:44 GMT
Last-Modified: Fri, 02 Dec 2022 17:07:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
52.38.139.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z3mEul1GeJnqvcpqeUpH/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G7Qeq/cjzru+W5xworpXh27Aw6o=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d0af05ae775bf61d09d44fd26f3296c7
9d1055b15bb3fc4070c8699ab584f8a28538deda
aebed117bf97f74e7283a12dab3bdc536c7b38dea3bb206e5af269d8e42e6d93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=150898
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:35 GMT
Etag: "638a30d5-117"
Expires: Sun, 04 Dec 2022 17:07:33 GMT
Last-Modified: Fri, 02 Dec 2022 17:07:33 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9bd806cca07dea834ae8e19fe9681b03
2177d482712d52a37e8c40a647b18ca18cceb3e1
bc838e9f2fb696c917c7132e05d99914472c6b06336202b072902ade707a6ffd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9bd806cca07dea834ae8e19fe9681b03
2177d482712d52a37e8c40a647b18ca18cceb3e1
bc838e9f2fb696c917c7132e05d99914472c6b06336202b072902ade707a6ffd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dd23da2808ae8aa86b91400946d25876
42f33a327a1e47ca49dddff6997c5ef782ec82ae
041096a10c64c40fd34d9e37fbd2e1ac629de0580e4977c28729bc8809636a22
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "041096A10C64C40FD34D9E37FBD2E1AC629DE0580E4977C28729BC8809636A22"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10017
Expires: Sat, 03 Dec 2022 01:59:32 GMT
Date: Fri, 02 Dec 2022 23:12:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dd23da2808ae8aa86b91400946d25876
42f33a327a1e47ca49dddff6997c5ef782ec82ae
041096a10c64c40fd34d9e37fbd2e1ac629de0580e4977c28729bc8809636a22
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "041096A10C64C40FD34D9E37FBD2E1AC629DE0580E4977C28729BC8809636A22"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10017
Expires: Sat, 03 Dec 2022 01:59:32 GMT
Date: Fri, 02 Dec 2022 23:12:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dd23da2808ae8aa86b91400946d25876
42f33a327a1e47ca49dddff6997c5ef782ec82ae
041096a10c64c40fd34d9e37fbd2e1ac629de0580e4977c28729bc8809636a22
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "041096A10C64C40FD34D9E37FBD2E1AC629DE0580E4977C28729BC8809636A22"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10017
Expires: Sat, 03 Dec 2022 01:59:32 GMT
Date: Fri, 02 Dec 2022 23:12:35 GMT
Connection: keep-alive
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Fri, 02 Dec 2022 22:00:34 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 4321
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9bd806cca07dea834ae8e19fe9681b03
2177d482712d52a37e8c40a647b18ca18cceb3e1
bc838e9f2fb696c917c7132e05d99914472c6b06336202b072902ade707a6ffd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 23:12:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/usps.yy.jpg
104.21.235.74200 OK 8.2 kB URL HTTP/2 263cdn.com/upload/usps.yy.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 165x120, components 3\012- data
Hash 226a4e085c4d8f9674ee2b0a11dd317c
df8d0b05e85183e6f09472c555c33eecd199d823
ac0d3e7ab425b9783a1e83132cb5d09dc413bef250d25ecd6eb6895c860bced4
GET /upload/usps.yy.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 8177
x-guploader-uploadid: ADPycdupa52HQtj2akEdPv6KJVVgk-IdQulF4m51ev3Tk4fbMHnsRKAdOnWdKX2g6V341kvkck-VpIufqF36FtjL_MzpNw
expires: Fri, 02 Dec 2022 23:45:10 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Aug 2022 14:55:45 GMT
etag: "226a4e085c4d8f9674ee2b0a11dd317c"
x-goog-generation: 1661439344982122
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8177
x-goog-hash: crc32c=dcK+nw==, md5=ImpOCFxNj5Z07isKEd0xfA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWKRXQYYB73AA4PfSg5iQNz3P0JxKksYCeZFKi11iHfmD4b2x%2Brss8ls32PJ58fnoEf9YsZ4v8imENFUzYAHsxG5bjT8O3iIVbnT8sCPpD4kYMW%2BUDgsKWzMzIs7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7ce1887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/uspsm.box2.png
104.21.235.74200 OK 7.2 kB URL HTTP/2 263cdn.com/upload/uspsm.box2.png
IP 104.21.235.74:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash cd6a41f9665594a48149a56b76e5a6ae
85ad07d91e04b3fcd2a435f99650614a8352930c
a4e8c4850780a57c521407be9df8797bbb66db4120e8b28859aebd8abd5cda7b
GET /upload/uspsm.box2.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/png
content-length: 7199
x-guploader-uploadid: ADPycdvZAV3yxiOCoQn4oAFK7MIiYWS7YsYSTM89AoA2ncRuwIwPeNTOVXjYhdMMXLb3fGE8Nw992sabtCozQ7rFrTxlJA
expires: Fri, 02 Dec 2022 23:11:59 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Aug 2022 15:04:36 GMT
etag: "cd6a41f9665594a48149a56b76e5a6ae"
x-goog-generation: 1661439876717427
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7199
x-goog-hash: crc32c=dyFNGg==, md5=zWpB+WZVlKSBSaVrduWmrg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3432
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1N0StJNouSDhlT8cr%2BnwxxFTpfKBSfIS7bDa4IlQyjjkiq855sBlXM%2Fcvs%2B0cdUkUfGT1%2Fy0usfPbmuj%2FE%2FvisCxAHGBtHtAWGonO%2BoT7GyLep5XzzfXANsTF%2BgY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7cd7887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Rustam%20Oruj.jpg
104.21.235.74200 OK 29 kB URL HTTP/2 263cdn.com/upload/Rustam%20Oruj.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 7a81bfffa80a49fa130eaf03378d3b6d
98d2920144684413b97938217af15fdb5d0e2ca4
3f956b8874dc18d21d563308e8c9033daf5196ba5aef69b527e8ed5290199429
GET /upload/Rustam%20Oruj.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 28866
x-guploader-uploadid: ADPycdtKfwbbjKdm6TTTuJZPrH2UUmRjNU4KS2gbUcKrI4H-jIQc82DpSzIvhjDZ4MITDB_yVjAexlq0YOqIDzdH5CgR7ztf17AT
expires: Fri, 02 Dec 2022 23:18:39 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:28 GMT
etag: "7a81bfffa80a49fa130eaf03378d3b6d"
x-goog-generation: 1655329648409928
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 28866
x-goog-hash: crc32c=/SFR5g==, md5=eoG//6gKSfoTDq8DN407bQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3236
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFZpT8LWw0vDmbjI5UxBp%2BP9SFP8CR4vJ00tYkNJPmTn3J0v5b5qNaAe36BJkFlsVkJtuH%2BZCoMzKECgVEk9m7QHnUkNNQ9q%2B3yBfIHIW9f%2BsIm%2FIs6nCMjG5MxI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7cf0887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Joseph%20Kanchi.jpg
104.21.235.74200 OK 18 kB URL HTTP/2 263cdn.com/upload/Joseph%20Kanchi.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 74bde6939f074bbe9cb047c59d756ffe
030b4e6729dcbb973b72f1a67c09099fe0dd2f2b
a298f992db50a2c50f29b0f4fe8fe58f5ddb09de13fbf57fcf36d3ec631de62a
GET /upload/Joseph%20Kanchi.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 17788
x-guploader-uploadid: ADPycdvDhK65WmF4WQmHKtIOSBenu8nWErTq9ik75SoZSXYR6ETvZV3BCUoJncLHNVkUa9anLY9Ow-2zLQkR3yzQsvtL0g
expires: Fri, 02 Dec 2022 23:31:40 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:39 GMT
etag: "74bde6939f074bbe9cb047c59d756ffe"
x-goog-generation: 1655329599108979
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17788
x-goog-hash: crc32c=W0Dksg==, md5=dL3mk58HS76csEfFnXVv/g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 679
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3PimG%2BuLg1IJQrw580dpi4to8%2FgtWg7mS3lOexnOIn1ZLQfn%2F85%2FRoltks6zkP0i4z7DM58lzVoAUS2l19gzlGRaoQ0IofLEqDtow%2FyDEZtdbi4hHK4uyAVGZjY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7cf4887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dd23da2808ae8aa86b91400946d25876
42f33a327a1e47ca49dddff6997c5ef782ec82ae
041096a10c64c40fd34d9e37fbd2e1ac629de0580e4977c28729bc8809636a22
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "041096A10C64C40FD34D9E37FBD2E1AC629DE0580E4977C28729BC8809636A22"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10017
Expires: Sat, 03 Dec 2022 01:59:32 GMT
Date: Fri, 02 Dec 2022 23:12:35 GMT
Connection: keep-alive
263cdn.com/upload/Jubosh-Kolencik.jpg
104.21.235.74200 OK 28 kB URL HTTP/2 263cdn.com/upload/Jubosh-Kolencik.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash f610dc6591af9b85d5fbfb1933ea833f
4b08fcc89454d352d422b9f375ccb44712b3e24a
55aaad0519b7bb45de57f1e1c9151a3ac381c3887f05f43d4ed3517e8bc8994e
GET /upload/Jubosh-Kolencik.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 27878
x-guploader-uploadid: ADPycdtl-Fok-o-o4v1H7O6HHWACTF1fIT843jPGCsC24JuUi8rVqhEcD5GCdVVbLbViTBeS_qlb8dX5avBMHBikAHVG4VPslRDl
expires: Fri, 02 Dec 2022 22:40:59 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:39 GMT
etag: "f610dc6591af9b85d5fbfb1933ea833f"
x-goog-generation: 1655329599305485
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 27878
x-goog-hash: crc32c=b9UNLg==, md5=9hDcZZGvm4XV+/sZM+qDPw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2261
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFhi5wZYI3BUFKsUOlQuT0NIAymK%2FeidMMPboZ0ymJ9N5V%2B7FsmZWAlD8x%2BJkjLC1T7WTn1WKtzKvN%2FgjK9Nue9DtEvhKqiGErkXuM0weFYK6Mx2gE3GzI4akAzO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7cec887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/JD%20Doubek.jpg
104.21.235.74200 OK 11 kB URL HTTP/2 263cdn.com/upload/JD%20Doubek.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 145x144, components 3\012- data
Hash 886e35d2eb247195f47cd4f7b39c80d3
be77d65cb783b6c26c51bd563ccd65b8fb552625
d80598543812ad1c72793ec6f19e26525345d69cd5dc882b7e7e0b60f4a80a86
GET /upload/JD%20Doubek.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 10979
x-guploader-uploadid: ADPycds2G3yABEaBfTbQLFrIG805wXAbcOdx2tFug8RdCfZ-o1qEiomDi6JyD446mErgWMJhZnmXApHFyqD1Jbb4SeYUg0_2mqRW
expires: Fri, 02 Dec 2022 23:31:40 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:36 GMT
etag: "886e35d2eb247195f47cd4f7b39c80d3"
x-goog-generation: 1655329596079489
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10979
x-goog-hash: crc32c=Od3P8w==, md5=iG410uskcZX0fNT3s5yA0w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 631
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6530KkkuGbRxvGLWsoZS2LTkudWEGhcRb%2Fq%2BNgs7HFz6aUkS%2FnKAecWXDzPaZI17up8X%2Bzb4E%2B43c3xL160L2I%2FvPkm1z%2B1kYKWIdd4WRKEQ8IG7rthwMAhTa5RX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c9d2c887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/usps.zz.jpg
104.21.235.74200 OK 5.0 kB URL HTTP/2 263cdn.com/upload/usps.zz.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 206x120, components 3\012- data
Hash 21127efc42b96cdac29a1e279d404823
1610318f0b89e2096a33c45fcd4c1d207e12aff0
48129ec4b0ffd287b68079f5cb837b12b7e66f66a88ef476084c6d0538c9c3a4
GET /upload/usps.zz.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 5030
x-guploader-uploadid: ADPycdst8dAqpiCz3t-1SRyhhRRc8LOcXHQhAy4V3ruwZw6pdhZ_aH3JT-4NQNEO_Bkmdg0lIJI31B8ZZR5KgtoCkEjAtzJ1vXhp
expires: Fri, 02 Dec 2022 23:11:59 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Aug 2022 14:55:46 GMT
etag: "21127efc42b96cdac29a1e279d404823"
x-goog-generation: 1661439346199882
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5030
x-goog-hash: crc32c=x9U1/g==, md5=IRJ+/EK5bNrCmh4nnUBIIw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 96
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZg7trze%2FIaY9IlEWDyc%2F0zQB1eOHfKu2EHszmrzcTi9RJ%2FiOrxVs1mIgdR4q766F0CsSuOA6jWdnRJdRBIg1sDAHlos48QaNq43iwNK8XJAwVuwoErQ0NwHkQPL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c9d2a887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/usps.zo.jpg
104.21.235.74200 OK 14 kB URL HTTP/2 263cdn.com/upload/usps.zo.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 199x120, components 3\012- data
Hash 0214ae1a08054577121723cd62f7fe55
87333fbea11943fde61dfd19b1d751b11ac871ae
9d242691e3dedeb124f366db00d37ecd1cfeff9ec5264ca02aafc36526869663
GET /upload/usps.zo.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 13687
x-guploader-uploadid: ADPycdsWimYORv6cTRh9DZ9wYBt_5G_MJXHa2qucQostKLXaXMGI6XhwsbCiXWy-pB3HFYkIkjJ9wBgmvH3w2qot5VP3Eg
expires: Fri, 02 Dec 2022 23:42:09 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Aug 2022 14:55:45 GMT
etag: "0214ae1a08054577121723cd62f7fe55"
x-goog-generation: 1661439345346362
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13687
x-goog-hash: crc32c=2AyQ6Q==, md5=AhSuGggFRXcSFyPNYvf+VQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 643
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewHEolNCb08y0IRcSchQAX6Ob59g4RhExEMmRZZTNx3zp5fbBOMw4AqKOC1E6XjtmI3roudk1Z5UyiDg7pTl6tEsDr5Tg%2BoS6ZPWJ8pDr4MFq%2F7ucgMnRF8zpXEh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c9d2b887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Treesisilia.jpg
104.21.235.74200 OK 25 kB URL HTTP/2 263cdn.com/upload/Treesisilia.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 22fb858c0563c2482d086cca3cd26cb6
d627302ed6b80ddc306247e736019d550a8ddf73
693b14ac3a2b4221d95ea3071c203dde4882b79aa1cb7bb8ab647802762b6f52
GET /upload/Treesisilia.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 24569
x-guploader-uploadid: ADPycdvS0ROLT0EBQiNPWUI-jTcF0moCT0SuvTSF2Fnswk7WYC3wMoNKJWXSyVH00xm88rTdhoSv3NvTx98DgmyK3WmvkEt8Pl-L
expires: Fri, 02 Dec 2022 22:50:39 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:57 GMT
etag: "22fb858c0563c2482d086cca3cd26cb6"
x-goog-generation: 1655329677032585
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 24569
x-goog-hash: crc32c=hwzIAA==, md5=IvuFjAVjwkgtCGzKPNJstg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f08cL4hFzZv02Khpj%2BWFCORbfho6TQLjqTAUtpAjzIttUe%2BE%2BGN2SXuerPeZ8a6fBbrV9qQQC12dNdhWNKukVXV2S5X8j0X%2BSpSAQKINq5wEsopV1QOJUhV3cLKA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c9d29887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Pierre%20Renaudin.jpg
104.21.235.74200 OK 22 kB URL HTTP/2 263cdn.com/upload/Pierre%20Renaudin.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 8f63e05228dc94b4f5091a84c9b4168d
4b2d1fe92d6461bb7e39415cf3c8af4fa104791e
9fbff31d3ad789f22276cc030afe35e67e10928db0ff2f384fcedc30ab48ae21
GET /upload/Pierre%20Renaudin.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 21791
x-guploader-uploadid: ADPycdtY74Db5IizNzfWB7t1EtJCOn834FBsfEYjBn-lFCPE07g4n1JFrw30FM6TqG5Ia-5jMcUVbltpsPu7AuMyUi5SG0P9XPaB
expires: Fri, 02 Dec 2022 23:46:58 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:17 GMT
etag: "8f63e05228dc94b4f5091a84c9b4168d"
x-goog-generation: 1655329637728133
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21791
x-goog-hash: crc32c=bXAAZg==, md5=j2PgUijclLT1CRqEybQWjQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1537
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FM1YESNEKzoNcG%2BO4Ez0rezPfOW2SOQl0NIoIXxQ1QNjko4Sk%2BEjPOpQzYDOK14R83s%2BIagj4rLLme9cG%2BjIUPhyRfK%2FwxGA7pNQ1T%2FfRdHuPYVvElrN1qH6VUZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c9d2f887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Zuri.jpg
104.21.235.74200 OK 30 kB URL HTTP/2 263cdn.com/upload/Zuri.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 81cac847e1b4add31315a7b64943e9b3
ee6e0ea64ca57d70f2e81432b79692a35f8110bd
fa36a530fb40523ca5656d8bad2637e239d04547b7472a4442a7adb4c9730ed9
GET /upload/Zuri.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 29705
x-guploader-uploadid: ADPycdsTB6c2wPmuoC0qjWw0agiXLfEK68s4DWua-m7EhOBtVYVuo0ClHFonecnVSWXyIFAWM1-NerGf1njaJCGxdsjAYH9m2DUI
expires: Fri, 02 Dec 2022 22:37:47 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:05 GMT
etag: "81cac847e1b4add31315a7b64943e9b3"
x-goog-generation: 1655329685586817
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 29705
x-goog-hash: crc32c=TLKIDQ==, md5=gcrIR+G0rdMTFae2SUPpsw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2221
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbBaX4HuTF31hoYrBZNa0SQHg1rFyNIFEeS7hjA6W5fb2BD8WBOp7GKu6TjjdDz35jTOWZtKqxnqCp8dtUdsU2jNzqBkJtvS98aPlTzm6gdTYzUoD%2Fzypt7Zx2%2FS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c9d30887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/uspsm.box1.png
104.21.235.74200 OK 28 kB URL HTTP/2 263cdn.com/upload/uspsm.box1.png
IP 104.21.235.74:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a424d24ab2c74f09c1cdef968d0c6e6
08f4527d6ef70aeb2e9338f61c0292d201ce2aa3
5edbcaaf73e0b2bc018151cb44a4b53fdf39e5fc00a217cb4a050d1dcb88f7ce
GET /upload/uspsm.box1.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/png
content-length: 27996
x-guploader-uploadid: ADPycdvelgjqfH6T3ebZFEHmSVuaHnAZSLnVYHeMzspenujMes-Qoi4UhCi23jm1DETYoagb1cPv2I-RfrVRZ4FweNYszg
expires: Fri, 02 Dec 2022 22:44:38 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Aug 2022 15:04:36 GMT
etag: "2a424d24ab2c74f09c1cdef968d0c6e6"
x-goog-generation: 1661439876670381
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 27996
x-goog-hash: crc32c=xH44hQ==, md5=KkJNJKssdPCcHN75aNDG5g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3525
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEAAVW7x3ABkgMWlUq2duOVrep86OpK%2FY0wRPUydSV4gyqdS6GvS4bBISKfeTamEZdQ%2FqMrgHRd4%2BJjj0kjiI%2FSpvob%2F7TB0zWAKHIQ0CBrgA%2FkevE1z%2BBfrik2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c9d33887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/usps.zhu.jpg
104.21.235.74200 OK 62 kB URL HTTP/2 263cdn.com/upload/usps.zhu.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Hash f547c83d389743d2766ae65a16f36000
f0534dbd5c2d80705ae4758d7e09abe503b16b16
c4c8f63b93cf201899cbcb0e7a160d5a2ea23db7bf28add154946a6eee954191
GET /upload/usps.zhu.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 62439
x-guploader-uploadid: ADPycdvmFPbud5jigdFGNhm-aVwpx-8v_Ku8VW2BzPTci98wFIMT4Cd2LZbaXmBRIdrkoJbh7PfclrhzJZ1fKqAUViXP0A
expires: Fri, 02 Dec 2022 23:29:54 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Aug 2022 14:55:45 GMT
etag: "f547c83d389743d2766ae65a16f36000"
x-goog-generation: 1661439345270782
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62439
x-goog-hash: crc32c=HGVDsg==, md5=9UfIPTiXQ9J2auZaFvNgAA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1509
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzLts9zJsm%2FOHW8thk2z%2FSJZvUJT7t%2FNGD7GltIirKdK21gJmjDSKHLvl3lxlP82ch%2FyE0LLULg2fg94O3p2QIzsQml%2BFH%2Bd0C6w8wo1wq8ng6mgO2%2BimPE06pTP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7ce5887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/L%C3%A9a%20Fenet.jpg
104.21.235.74200 OK 38 kB URL HTTP/2 263cdn.com/upload/L%C3%A9a%20Fenet.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 6a0ee2d82e9e2e4a63af4bd8ec9df5a5
414f34e24d67e585298128249813d2cb54e6ed5d
4da5f51a7c92309a3b29ebf422e5460dc307e5d75e2cf83b486d8703abb2b97a
GET /upload/L%C3%A9a%20Fenet.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 38178
x-guploader-uploadid: ADPycduerwHMccekTfMBKGtQy088ttjYaepL9f3JXEkzhNnaFKahsT8jBJFMj6HcZvU356DP0dsIODbeTCPzL-6tFg3lV4gszmbJ
expires: Fri, 02 Dec 2022 23:59:52 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:45 GMT
etag: "6a0ee2d82e9e2e4a63af4bd8ec9df5a5"
x-goog-generation: 1655329605318750
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 38178
x-goog-hash: crc32c=qUuqiw==, md5=ag7i2C6eLkpjr0vY7J31pQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 631
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPE16hBL7QLGwEJjjHUVn71tAKOjRZOFhI%2BVKsKuzvwZBMns2DYXrdB51kQQXTgERjhk%2FP61ov3Y7hKNylhvDxjOCtCkSzv7CQyPpu02%2FVV6ZRkn5o%2BD4t5COcd8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7cef887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Ashley%20Benson.jpg
104.21.235.74200 OK 32 kB URL HTTP/2 263cdn.com/upload/Ashley%20Benson.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 9f1e9f0170ba7483cc7ce810bbe78e1f
1dc7ab4b8e5734180e22190f0cc6e7123586f244
da41a6d0acadbb94a5d939a2b245838d613ea21ce39bb1dd6b70595322f73043
GET /upload/Ashley%20Benson.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 31801
x-guploader-uploadid: ADPycdvoAbJS3wDomeFrxTg8GEYlDapHiD7MG_vVinCITVsbsZo4E0LtDINoiyHfJMBsddtNnxMy6NLjf_0t3PnTEX4uOxsM0G7c
expires: Fri, 02 Dec 2022 22:40:22 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:45:34 GMT
etag: "9f1e9f0170ba7483cc7ce810bbe78e1f"
x-goog-generation: 1655329533993202
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 31801
x-goog-hash: crc32c=ikFAgQ==, md5=nx6fAXC6dIPMfOgQu+eOHw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2164
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5PWJgEVl1jFRZrXRAtsP7sNi6kTPmN2agVU6nRBgG6krnS%2B%2F5j%2BN58VA2FnIZFvke8vst1rtzVZUoSDW6XXnNIwwKg76WtqXcVugZo%2FL9NAbODGnvrdpghbXmA%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7ce9887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/uspsm.box3.png
104.21.235.74200 OK 33 kB URL HTTP/2 263cdn.com/upload/uspsm.box3.png
IP 104.21.235.74:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a89dd62775cdc10e9b1e5a2c4ba7b13
ae9a0572bb90467e967c4844a054df352d2bd043
f6b816e6556d9c5fd8de013bf03231102b5145ec406ed53e9e088c9a076d5f31
GET /upload/uspsm.box3.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/png
content-length: 32882
x-guploader-uploadid: ADPycdv0ti_q6Ei4drUeY1YS3fxJ8gLZu3bhwU1pz-mCYyKgnX6-g87vkd5oh1XKtl5aYRSAUiye_64RzXySFn12VPaJgg
expires: Fri, 02 Dec 2022 23:42:09 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Aug 2022 15:04:36 GMT
etag: "3a89dd62775cdc10e9b1e5a2c4ba7b13"
x-goog-generation: 1661439876673679
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32882
x-goog-hash: crc32c=hhXzuA==, md5=OondYndc3BDpseWixLp7Ew==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 608
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcXwE9%2BmrSfDuSV9sZaPEWHYQVp0mRfhUjhc2gTpghgx0oJ1iP0%2FOzfIRjHuayiEAs1hU%2BHWU4R%2B2bUHFvOYMVMJ%2Bq3PYIQZb7b%2B5Ma98ouZnPlkfpSuOlhnclFx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c9d2d887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oebu0&_p=1385546907&cid=1120913043.1670022754&ul=en-us&sr=1280x1024&_s=1&sid=1670022753&sct=1&seg=0&dl=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377&dr=http%3A%2F%2Ffibredepict.cn%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oebu0&_p=1385546907&cid=1120913043.1670022754&ul=en-us&sr=1280x1024&_s=1&sid=1670022753&sct=1&seg=0&dl=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377&dr=http%3A%2F%2Ffibredepict.cn%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LW7434MYMN>m=2oebu0&_p=1385546907&cid=1120913043.1670022754&ul=en-us&sr=1280x1024&_s=1&sid=1670022753&sct=1&seg=0&dl=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377&dr=http%3A%2F%2Ffibredepict.cn%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://idealvicious.xyz
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://idealvicious.xyz
date: Fri, 02 Dec 2022 23:12:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
172.64.164.21200 OK 16 kB URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 172.64.164.21:0
File type ASCII text, with very long lines (63188), with CRLF line terminators
Hash 26f241a08544822c7d9b92e932f405b9
5e8e79d51c5f7255766417e5a5c5029b5de409bb
18e8a29aa76eaa44ce163948647ca07f104aac86018ee2f776558bd037aa5ba1
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdtaXO8Pt4mYxS4tkg36SiMjVR6jjL7hB9EkK5aPNXJ0rrhhBXOw5gRmhJXZ1IYlvDk2NYpvsCE76nxT_QCLJq2KEg
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
expires: Fri, 02 Dec 2022 23:08:44 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
cf-cache-status: HIT
age: 3450
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F81hol6x6z4oMjnnrepcLLxHLBnrFCqCCO7dZ0QXpM1onIJ6ppd%2FnCjnlrI1WFWpOXwgajt32xYN2L%2BlkxeDhX%2B2xl8KPpHf0AQmywUB8F8hltARD0CwRe7tj57MPULlMso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8a7cff7744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6707
Expires: Sat, 03 Dec 2022 01:04:23 GMT
Date: Fri, 02 Dec 2022 23:12:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6707
Expires: Sat, 03 Dec 2022 01:04:23 GMT
Date: Fri, 02 Dec 2022 23:12:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6707
Expires: Sat, 03 Dec 2022 01:04:23 GMT
Date: Fri, 02 Dec 2022 23:12:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 4890
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 23:43:28 GMT
age: 84548
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
172.64.164.21200 OK 14 kB URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 172.64.164.21:0
File type ASCII text, with very long lines (21060), with CRLF line terminators
Hash 3b31fb128c11c6c3682032b2e8624162
7d5163ee8c7cea8f06cbfa8cce69ca89bbd024e2
3c93b34a04bec01f3eb635bac19f5965db339974e38f3317ddf258cc1d5527d0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds3YdIz1R1UN767siseN3QRg96xNyUpzXvJk9EJOVC4B_FNuk3QzAPM9M4PK3JBDjbzDnKqTH3BKTa3eeZtxS7M9edjuqUj
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
expires: Fri, 02 Dec 2022 22:41:45 GMT
cache-control: public, max-age=3600
age: 2369
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSP7yxeDY4RIGoFrAaOQ1SbOP4P1k3836gZxIE31QmNS1fFxhSKEGT8vgnQC2XcdJix1hArn%2BalvEvQCe4JlXh1TX%2FBnDeYCk7oBNE3nbei4xM9yD9Q05ScRWKTWUP%2BBlKU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8a6ce17744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ffa12df550123f63b20f67437cd8a04
398fd2d837c73f54c4591b69cd683f29bdf9184a
fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6119
x-amzn-requestid: cac5842e-2b57-4eda-9b09-27ec8a0b1bf8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMiE7Hq0oAMFzHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381b085-151f123551f999a918de8a3a;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 06:21:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrS561ug59NStQyD3cH4ndqGvY3QiLVeMFOoC86ktj52PghNjeYa5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 20:55:39 GMT
age: 8217
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b77186d0d93f7ccfe729edd9d184af3
458aa485b9abef3b72427d308a172d1c24eceabd
8bed5a8e56e8c43fcbdc807245c2b651d014a06368574e57a25b718399a4a701
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6966
x-amzn-requestid: 2b40c185-e050-4bfd-9b08-bb70e6f89824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfAb7Ev3oAMFnrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389144c-65301ace20da6f580ed77e82;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 20:53:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBRZ6xulfveO7b5ZY8ApNbQJ1Sz8LbzEAb3YqxOEaZGYem-ZRaar_Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:01:16 GMT
age: 54680
etag: "458aa485b9abef3b72427d308a172d1c24eceabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 585e7e56aed6b2f2f5e658f46bb791c4
34b768eb68f6cb850ff984fd687096e089649523
5412ba902e667571b0bbb3879ba6b9ad39501abce59381e84e6aa09779e7198b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6416
x-amzn-requestid: f5456dd6-8459-4a19-a9b5-b7b567fceb01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cik2pG5aoAMFrVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a81c3-0923232b35133f471332062b;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 22:52:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fO2Nzz-s_o-67i4JhGgbUZdA5G1B8c9RrnJKm56RN7Ae_MK65KeRtQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:08:03 GMT
age: 406
etag: "34b768eb68f6cb850ff984fd687096e089649523"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 011845d50f2891a81a7b817a5a23c2d9
a4257ef6482cdf2c74249c5bbed56f86d25ebe56
b5cfef80711175171b6af9e96feb1c981b5eb65d57a0dea7205564675d6a1062
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 23:12:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Dec 2022 20:21:29 GMT
ETag: "a4257ef6482cdf2c74249c5bbed56f86d25ebe56"
Last-Modified: Fri, 02 Dec 2022 20:21:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 95
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7737bf935e5e1c06-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 011845d50f2891a81a7b817a5a23c2d9
a4257ef6482cdf2c74249c5bbed56f86d25ebe56
b5cfef80711175171b6af9e96feb1c981b5eb65d57a0dea7205564675d6a1062
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 23:12:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Dec 2022 20:21:29 GMT
ETag: "a4257ef6482cdf2c74249c5bbed56f86d25ebe56"
Last-Modified: Fri, 02 Dec 2022 20:21:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 95
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7737bf935f2bb4fd-OSL
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 1.9 kB URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
Hash 6bf1b1d8e7efa2617d11f40c0a48b079
401de04f77c6f080d00d501eeb0bd9adcebbd84c
52dc415243cfd57f84e04a40c44965fdefa21274329dd8e8ed3a0057d823482d
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: application/javascript
expires: Fri, 02 Dec 2022 23:12:35 GMT
last-modified: Fri, 02 Dec 2022 23:12:35 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?5bc34d9a0b7ef4a641f623683ea4f5e4
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5bc34d9a0b7ef4a641f623683ea4f5e4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (659)
Hash 1d94f82137b12d80c17faddee7e82f73
73101405cab2ad4725fa2616ed83be6e51af8dbc
c85de483aa266fdc0e1708093cfb17bf3608e977779fd4e1e4774849ae81a720
GET /hm.js?5bc34d9a0b7ef4a641f623683ea4f5e4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11297
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 23:12:36 GMT
Etag: affa756d5165b6b8007372a1a6731b8d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C6646E623D2A5EB2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash b611594e5d01b01c95ea5ad03cdbd6b9
d905687a49fc1006d687a53fe728bc226ef0abc8
3b218ac291b2001cb5510a830f372b4d93cb13f0878d0bf8ec0e45b4ae7a38e2
GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 23:12:36 GMT
Etag: 238d11092309f256cc7168a4cd3c9e21
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3A246A6839AC59DF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 2742693e7cb971bf338d5d5f43c649a7
63653babbdd91f273a5760ef7d759a07bf2bbea8
d55bf5a22a92401cffc8f53e88d979533c20baa4ce2ece56749e0cb6a41490f3
GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 23:12:36 GMT
Etag: 12543697a0b048715d92bc10ae15fbc4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F2A740FE5A5DFD03; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash e02b91e4ec3a3bd5e92fdde9a8253ede
75c5c9a497cc112c43706c2c23fdad21d3bfd3c4
e92f2128460ec2f6ec4a4efc1906984be68a1d170572edf748d227e7d3173003
GET /hm.js?957de4d70bf7b7be33bc859d43ad70c6 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 23:12:36 GMT
Etag: 8662cd16e3807ecac88d4405e39cc373
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F22B401D9AE79535; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=228406550&si=5bc34d9a0b7ef4a641f623683ea4f5e4&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=228406550&si=5bc34d9a0b7ef4a641f623683ea4f5e4&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=228406550&si=5bc34d9a0b7ef4a641f623683ea4f5e4&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 02 Dec 2022 23:12:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=070BEDD4634C9046; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=567667992&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=567667992&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=567667992&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 02 Dec 2022 23:12:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CFD0909FB3CB6647; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1682419306&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1682419306&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1682419306&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 02 Dec 2022 23:12:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=42105C8336CE4C25; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=643915312&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=643915312&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=643915312&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ffibredepict.cn%2F&v=1.3.0&lv=1&sn=59886&r=0&ww=1280&u=https%3A%2F%2Fidealvicious.xyz%2FSy7CilJj%2Fusps%2F%3F_t%3D1670022752377%231670022754039 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 02 Dec 2022 23:12:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=224F1CCECEF6513C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4532744028211c8993ad09a40cc30b3f
d73122ff0d41b76f6a55229b808b53565442c193
2c325ec947c58dd6f3f32652d869d766ec522d6d2c8f1a91f257fc561ae0f9e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C325EC947C58DD6F3F32652D869D766EC522D6D2C8F1A91F257FC561AE0F9E0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17833
Expires: Sat, 03 Dec 2022 04:09:51 GMT
Date: Fri, 02 Dec 2022 23:12:38 GMT
Connection: keep-alive
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167002275592571&xtt=7398983
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167002275592571&xtt=7398983
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167002275592571&xtt=7398983 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 02 Dec 2022 23:12:35 GMT
last-modified: Fri, 02 Dec 2022 23:12:35 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_7134&maxw=0
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_7134&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_7134&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 23:12:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Sat, 03-Dec-2022 23:12:37 GMT; Max-Age=86400; secure; SameSite=None
used_ad2558187=1; expires=Sat, 03-Dec-2022 04:59:59 GMT; Max-Age=20842; path=/; secure; SameSite=None
total_impressions=1; expires=Sat, 03-Dec-2022 04:59:59 GMT; Max-Age=20842; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
172.64.164.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 172.64.164.21:0
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycduIPxBxn9HV1RvlxQW5n8gWMNt2gH6LJACR5zSppFALBLzrzJxa_8ctHWVRnxFIChP9qRRTmrjDnfJ9VGLfuaiuefHrtsZR
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Fri, 02 Dec 2022 23:47:49 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
age: 729
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QvUuUPmkZsNF8umOqb4fkD63L0LXi3MbJ5aPDGpqUZuSUnq0J%2BA7EdLT%2Fmfmfgv3F0ycOMfnZ71PaB70NE7aAfmD8YU8nZWdrt8MrJ4FTLt2kaY8ZI%2BkHz7eu60lS1T5%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8a7d087744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 0 B URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Fri, 02 Dec 2022 22:00:34 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 4321
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
263cdn.com/upload/Volyntyru%20Marian.jpg
104.21.235.74200 OK 0 B URL HTTP/2 263cdn.com/upload/Volyntyru%20Marian.jpg
IP 104.21.235.74:0
GET /upload/Volyntyru%20Marian.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: image/jpeg
content-length: 268772
x-guploader-uploadid: ADPycdvwidOpjYSL5cpDX8AID_q5P3VWa9dYAcXCls9nnG286wCnvGsrIV8pO-Ovcboo9ysrmGQUBBVTmIDeSsHvltv79829FFb3
expires: Fri, 02 Dec 2022 22:40:59 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:02 GMT
etag: "d6c5d2f7ae74fd4d609a6964f0169ffa"
x-goog-generation: 1655329682727159
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 268772
x-goog-hash: crc32c=M9wRag==, md5=1sXS9650/U1gmmlk8Baf+g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2831
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PLbssrn4vkkDqLSFI3%2B7g5Hmzy6EPvVd09SFQBDQzOXOjTK54xf3aZ9bvjMH0Ma6gz5ZtPrjYFqME97kIXcwFZbgNtrLVrStmxeZkY7b6V4t3Y9Ksec463me5IW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8c7cdd887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
172.64.164.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 172.64.164.21:0
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdveolyrLmPsOpTOe4R8xrc9XLzOm4WE6kDIQQ-Bffr1CkxSQNEa8J0yEWTsx8MoMM6ntSWdKYv4h0j_eGf8uii0qkm1aglD
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
expires: Fri, 02 Dec 2022 23:11:27 GMT
cache-control: public, max-age=3600
age: 120
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrVv%2FJkV%2FoE0F9wDyGVyETeXT2wlZZmBKUFj1kvpWi9KLGI6nEO60vyegpPaXr3gM7qUkeeALQSIrgSoTqmBQLdQGZ9bKQAOJBLxqjC6BpulIfCJCrM9mQXJ9lOr2kYJ2q4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8a7d0d7744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/generic/7386_3331dw119-EN-300x50.jpeg
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/generic/7386_3331dw119-EN-300x50.jpeg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /generic/7386_3331dw119-EN-300x50.jpeg HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 23:12:38 GMT
content-type: image/jpeg
last-modified: Mon, 28 Dec 2020 14:27:49 GMT
vary: Accept-Encoding
etag: W/"5fe9eb65-16ee"
expires: Sun, 01 Jan 2023 23:12:38 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
idealvicious.xyz/Sy7CilJj/usps/?_t=1670022752377
104.21.83.180200 OK 0 B URL HTTP/2 idealvicious.xyz/Sy7CilJj/usps/?_t=1670022752377
IP 104.21.83.180:0
Analyzer Verdict Alert fortinet Phishing
GET /Sy7CilJj/usps/?_t=1670022752377 HTTP/1.1
Host: idealvicious.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fibredepict.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pType=mo; expires=Fri, 02-Dec-2022 23:24:34 GMT; Max-Age=720; path=/; domain=idealvicious.xyz
usps-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.idealvicious.xyz
usps-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.idealvicious.xyz
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1j2fHqItqGO%2FzuCcKmTFGAgNmBdH7oweqbgGREfqSt50en%2FuLHIL06lEw0olKb00AqQydYtX2vvBHFHWuHPz%2BVTlMJ5UuiQl6smot1c3a3rf5VogzAb1aKn%2BNTpU%2FIrgXecL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7737bf883a43b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
172.64.164.21200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 172.64.164.21:0
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 23:12:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdvCxHltiuPjHL-zbbsBVwle0-vgYS2_pOmv1wzzQZrGSBqUE4vr5WQ_17FuwcGb_O0Ved79CT2MXZTd7QgSd4c
expires: Fri, 02 Dec 2022 22:51:45 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBLFIAqfuUavWMX9mzn3yk%2Bt4wgwmgKbHWhahf0RnXmNd2dNtHblbhdNI%2FFdO4%2FuLvaGuhFK9W3yh8Zdx1xttsBc2%2FupNcPX78J2uF6uXLIawzn9RrTY9yHgGFRBZal56Vo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737bf8a7d057744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://idealvicious.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 23:12:35 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2