200 OK 139 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (413)
Size 139 kB (138735 bytes)
Hash 65f867bd19a261a2b47e1fe0322589d3
8a92f82f4428d8d62f7d4a807012d5623f864c0c
54472a954ce1cfd43c282808f5184e6b68793f77dd0bc602d4d43049aaa6ac30
GET / HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efkcOogydQYZqrqbVkZxNcCw7xbBjIzwpcXqknE2Ey9v22HBp7Ryv7ShXa76FbFAy1Vv7URX%2BxH0sn8hYypbErhh8uTCe%2F3tN2ETqDfoKwacw9ABB%2FC8TDn7bVvgpzY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b61c808b4ff-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=6044&min_rtt=492&rtt_var=11122&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1115&delivery_rate=7156507&cwnd=254&unsent_bytes=0&cid=0f5c58461f2da00f&ts=798&x=0"
X-Firefox-Spdy: h2
GET 14785208.xyz/assets/layer/layer.js
200 OK 14 kB URL GET HTTP/3 14785208.xyz/assets/layer/layer.js
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (22030)
Hash 0b10cf32765c96cf1104d12855446065
52b2265e70c807fc90c7e330fd1af239747de438
602bf5a02f9e47a081eba92d015398206d7d21b7875f1508ccbdd4b2ec883bca
GET /assets/layer/layer.js HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14785208.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:15 GMT
content-type: application/javascript
last-modified: Thu, 02 Dec 2021 20:54:59 GMT
vary: Accept-Encoding
etag: W/"61a932a3-5662"
expires: Fri, 27 Dec 2024 06:39:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gvGDt4H%2FCIY%2FT79r96%2BvU3WxBJfcTwN20IE1FdVqNjM%2BBKlBmkL9Guagh3d4I9PJs6ot2OFaSx0CLW%2Bsu8Ao6NCiE3yYBFmb9Ri28yp3QmskEfAxotUd2yetHhzwe0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b68fd600b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=4212&min_rtt=1396&rtt_var=2410&sent=29&recv=18&lost=0&retrans=0&sent_bytes=13783&recv_bytes=3685&delivery_rate=4879137&cwnd=12000&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=898&x=1", cfExtPri, cfHdrFlush;dur=0
GET 14785208.xyz/templates/antidote/js/main.js?v=3.65s2
200 OK 7.7 kB URL GET HTTP/3 14785208.xyz/templates/antidote/js/main.js?v=3.65s2
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 47d4f2cfb0644ed8ea776916340609f2
6f5f7621b61960e25a0b185584063a6e7fd81b6b
c889ef3386b60e4fd3a1726d5afe01d7444f470fa145d13d8f902e0e07bb37bf
GET /templates/antidote/js/main.js?v=3.65s2 HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14785208.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:15 GMT
content-type: application/javascript
last-modified: Sun, 03 Mar 2024 18:07:03 GMT
vary: Accept-Encoding
etag: W/"65e4bc47-2949"
expires: Fri, 27 Dec 2024 06:39:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkfqwZhByZD6cnkFjDEu0HwAoe1wGvFJ3Bh9NU77%2BfzbW6OOvRE63U64VR%2BznFQQWyCr3yF7y%2FoD3z6eI7i0IX6ZqpecRmSXWxE6yovOr%2Bz0iroQHx%2B0cbYQosUCMug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b68fd610b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=4112&min_rtt=1396&rtt_var=2007&sent=37&recv=19&lost=0&retrans=0&sent_bytes=22458&recv_bytes=3728&delivery_rate=2228232&cwnd=12000&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=915&x=1", cfExtPri, cfHdrFlush;dur=0
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/12/9c7e65f8e9dcd0c1.jpg
200 OK 35 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/12/9c7e65f8e9dcd0c1.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x640, Scaling: [none]x[none], YUV color, decoders should clamp
Hash e8f065ebd56870727f876ab6ff1b07f9
2b6446ccd9965f3c383e583128814f806874e357
91a834b37816fcc402730cd0bd5d779c2ae015c2b86eae38ce733b3842da6767
GET /img.erpweb.eu.org/imgs/2024/12/9c7e65f8e9dcd0c1.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 34670
last-modified: Mon, 02 Dec 2024 08:50:11 GMT
expires: Wed, 02 Dec 2026 20:50:11 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/12/9c7e65f8e9dcd0c1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b7430060e4060b53"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/11/79423eaa0389d5e5.gif
200 OK 17 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/11/79423eaa0389d5e5.gif
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image
Hash 6a1a4346d74c27eb7bf063f174a95bc8
8ba3084322f493eac7f8f12fbb0571fd7bba2b20
036adf0cf8f8f6b5c4ea26e5b49840325bd4dcfc09045882d6cf63f2ac8d3736
GET /img.erpweb.eu.org/imgs/2024/11/79423eaa0389d5e5.gif HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 17286
last-modified: Sat, 23 Nov 2024 08:58:28 GMT
expires: Mon, 23 Nov 2026 20:58:28 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/11/79423eaa0389d5e5.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "17c2bb5868d15772"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/09/a8a2c2971b8ff9d4.png
200 OK 255 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/09/a8a2c2971b8ff9d4.png
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image
Size 255 kB (254746 bytes)
Hash 0cf2f5d41f2f6b76616d342f11bdc147
0891d9d9cb5a3629bd61c3ac78bb0723719f22ea
71b7bd28fb993b6e502cf7a2e77971fd83fd11605240e2744af52fda58bd6cde
GET /img.erpweb.eu.org/imgs/2024/09/a8a2c2971b8ff9d4.png HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 254746
last-modified: Sat, 14 Sep 2024 07:13:29 GMT
expires: Mon, 14 Sep 2026 19:13:29 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/09/a8a2c2971b8ff9d4.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9b1a0f1700c29931"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/09/d9ff07f405644b98.jpg
200 OK 13 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/09/d9ff07f405644b98.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Hash c7e7dfc53df5cd87b42f8f76899464c6
57f133ac6b172af59b6d445b880840f283711ad0
60690f37e7b8bc2f2d28fc683edcfaf1db864a4dd535cc0a068448ed1dc2d0d5
GET /img.erpweb.eu.org/imgs/2024/09/d9ff07f405644b98.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 13190
last-modified: Tue, 24 Sep 2024 14:35:02 GMT
expires: Fri, 25 Sep 2026 02:35:02 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/09/d9ff07f405644b98.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7fb1760707caa92c"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET adjsimg.adjsimg.fun/img/yinghua.jpg
200 OK 219 kB URL GET HTTP/2 adjsimg.adjsimg.fun/img/yinghua.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectadjsimg.fun
FingerprintB7:22:01:91:BC:7C:DB:F5:48:B8:52:54:78:A5:60:D5:D6:C2:10:2B
ValidityTue, 29 Oct 2024 17:33:31 GMT - Mon, 27 Jan 2025 17:33:30 GMT
File type GIF image data, version 89a, 120 x 120
Size 219 kB (218711 bytes)
Hash 66c8ab374bd55a290f332f2b29fe8cd1
a1948f1a7393db9475be458eed532874e019656a
8849b18e207af216ca053c75aacc1a6cf6cb93e2b7b96b4b5936c29c639d8522
GET /img/yinghua.jpg HTTP/1.1
Host: adjsimg.adjsimg.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/jpeg
content-length: 218711
last-modified: Thu, 07 Nov 2024 11:17:05 GMT
etag: "672ca1b1-35657"
expires: Sun, 19 Jan 2025 08:25:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 554959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwaeQehW0PSce9%2FI%2FH7BAZcpQji%2Fx9qDGMehl1V3CyKCIN0t2gax1UAL%2BIyJ9eAOUWgt22zNit2yz22TNxVoMjfSqnBv1A7wIbkVoyPcaa7p%2FZ4%2FmpinK1dYILsT%2FktLpmEciAq7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f832b72386e569b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1870&min_rtt=514&rtt_var=2488&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1254&delivery_rate=6683076&cwnd=254&unsent_bytes=0&cid=a3a1e8a3e4233c84&ts=59&x=0"
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/12/8b9999f054585b2b.jpg
200 OK 24 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/12/8b9999f054585b2b.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x640, Scaling: [none]x[none], YUV color, decoders should clamp
Hash fcf2c622a0448b8adff6cc9e33cb2c52
0657592cd4c292e4db26c180ce30828a6218cb04
9be5cf56b06686666e93b3cb97c590c089fd753853c960f83ebd80f31e60d780
GET /img.erpweb.eu.org/imgs/2024/12/8b9999f054585b2b.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 23946
last-modified: Mon, 02 Dec 2024 08:07:57 GMT
expires: Wed, 02 Dec 2026 20:07:57 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/12/8b9999f054585b2b.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a9d1611aa5b2dfed"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/11/72c71312897caea2.gif
200 OK 933 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/11/72c71312897caea2.gif
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image
Size 933 kB (932634 bytes)
Hash 0772f8ec1533277209e7dc6d90f34b00
960f5b1f16d867c125d0bc886fd6142d359dceb0
184dce87bf8a2c208815611412e2f59eabac2d06d3a7a7a794447b37c081f970
GET /img.erpweb.eu.org/imgs/2024/11/72c71312897caea2.gif HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 932634
last-modified: Wed, 06 Nov 2024 13:37:05 GMT
expires: Sat, 07 Nov 2026 01:37:05 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/11/72c71312897caea2.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "acf17c5dad4b726b"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/12/1aaadc62cee14182.jpg
200 OK 43 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/12/1aaadc62cee14182.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x640, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ab60bc13477514940ba59106c8f4475d
daab0fdda35a1b721470f7f7b8c757d3ae8187a2
911eee48704a2edf00085e12ff5cb7e4d360978c43483843acbf8c06c7363e57
GET /img.erpweb.eu.org/imgs/2024/12/1aaadc62cee14182.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 42934
last-modified: Mon, 02 Dec 2024 08:04:06 GMT
expires: Wed, 02 Dec 2026 20:04:06 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/12/1aaadc62cee14182.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6fbeebd72db15496"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/08/faad1c98c0fcd9b6.webp
200 OK 182 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/08/faad1c98c0fcd9b6.webp
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image
Size 182 kB (182158 bytes)
Hash 892eae1cfaad1c98c0fcd9b67e54514f
24811a0005528995fce8c31c5f06fc4630f57af5
8da4625450b391cfe353cc7af618c3c3648eb660f4ee7708d9ac06f5f461a3cd
GET /img.erpweb.eu.org/imgs/2024/08/faad1c98c0fcd9b6.webp HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 182158
last-modified: Fri, 16 Aug 2024 13:23:28 GMT
expires: Mon, 17 Aug 2026 01:23:28 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/08/faad1c98c0fcd9b6.webp>; rel="canonical"
x-content-type-options: nosniff
etag: "a88a3e695b7ffc10"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET 14785208.xyz/assets/layer/theme/default/layer.css?v=3.1.1
200 OK 180 kB URL GET HTTP/3 14785208.xyz/assets/layer/theme/default/layer.css?v=3.1.1
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type ASCII text, with very long lines (14367), with no line terminators
Size 180 kB (179907 bytes)
Hash 3d2e0d91c5c0b96abb8dbdc2234aba77
9d55e153b30fd7414fada5718e20918e9c7f65e7
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
GET /assets/layer/theme/default/layer.css?v=3.1.1 HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14785208.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: text/css
last-modified: Thu, 02 Dec 2021 20:55:02 GMT
vary: Accept-Encoding
etag: W/"61a932a6-381f"
expires: Fri, 27 Dec 2024 06:39:48 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKPh%2BU9nVifCy%2FU3MD%2F7plwB%2FkY%2FL6%2BFRy1ud5V51iLmBMqNZ7%2FYWw3osTmJF%2FtHJHanhEMjDfqv8hugb4Pr7RF8WC3TQuMdhEyvaXPZ3UaH%2FBZVGCiOqtNjNdTVfr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b6e7aca0b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=2506&min_rtt=1212&rtt_var=1461&sent=98&recv=30&lost=0&retrans=0&sent_bytes=87680&recv_bytes=5165&delivery_rate=14517716&cwnd=31200&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=1787&x=1", cfExtPri, cfHdrFlush;dur=0
GET adjsimg.adjsimg.fun/img/5.gif
200 OK 1.5 MB URL GET HTTP/2 adjsimg.adjsimg.fun/img/5.gif
IP
Certificate IssuerGoogle Trust Services
Subjectadjsimg.fun
FingerprintB7:22:01:91:BC:7C:DB:F5:48:B8:52:54:78:A5:60:D5:D6:C2:10:2B
ValidityTue, 29 Oct 2024 17:33:31 GMT - Mon, 27 Jan 2025 17:33:30 GMT
File type GIF image data, version 89a, 150 x 150
Size 1.5 MB (1458321 bytes)
Hash ed37de809710b99d39c0842f4a251498
3f0fecffaca3278c686d778d3e23d7eb04d88c86
e01659b7c767cc1f38c4d3ddfd9592fab36f9db523e1da92b256bf9410c33f7b
GET /img/5.gif HTTP/1.1
Host: adjsimg.adjsimg.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/gif
content-length: 1458321
last-modified: Mon, 12 Aug 2024 10:19:06 GMT
etag: "66b9e19a-164091"
expires: Wed, 08 Jan 2025 19:31:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1465445
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUCytiAQ7Ma4BCSx9jIbJnNgj7n598%2Fc1ougJW8LfPhlufvqUtS5sRMp%2BehYZEYDBftipttBLQFVVhYqVt1zyyzvpoFXB9Q4dnq4DWhH0x2wE6QnqH%2B0zQZ90QZ6dYieptOPVBEj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f832b724882569b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1870&min_rtt=514&rtt_var=2488&sent=54&recv=10&lost=0&retrans=0&sent_bytes=67402&recv_bytes=1254&delivery_rate=6683076&cwnd=254&unsent_bytes=31856&cid=a3a1e8a3e4233c84&ts=66&x=0"
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/12/d2f6efb48c93c9bb.jpg
200 OK 1.9 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/12/d2f6efb48c93c9bb.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 101x101, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ab0abaade14c9c936447b550be0d0d36
25ea1d611dde16e0733f2bd8fd95feda1c7c2cbe
b7c5760fdb35f86bb136c71fcb8284a41a40da64acef74a956c4fda95986d81d
GET /img.erpweb.eu.org/imgs/2024/12/d2f6efb48c93c9bb.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 1928
last-modified: Mon, 02 Dec 2024 08:04:05 GMT
expires: Wed, 02 Dec 2026 20:04:05 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/12/d2f6efb48c93c9bb.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1e50fe4a5d36456d"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET 14785208.xyz/templates/antidote/css/style.css?v=3.65s2
200 OK 82 kB URL GET HTTP/3 14785208.xyz/templates/antidote/css/style.css?v=3.65s2
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
Hash 769134d0276bd48b1aa458a68902d4d2
6c1d3f005473a269fd77324c3d07070e932d792f
53620919d31511ecbb946324abd1bdde3654ab9ba664fba682cf37324cfc02cf
GET /templates/antidote/css/style.css?v=3.65s2 HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:15 GMT
content-type: text/css
last-modified: Tue, 20 Feb 2024 17:23:34 GMT
vary: Accept-Encoding
etag: W/"65d4e016-5e71"
expires: Fri, 27 Dec 2024 06:39:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FwiGrgM54z5zuE7mlZkA%2BtceuAXEg4sC4i%2BzZDBMIe%2FF%2FgsM8hnazP1Y3pAsAWk1BTEFhmHwGGrl6AsUqE3GxFO2kRsau7rVcaVKInRkrwziqFOLT1JcIMKl6a7Gf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b68ed450b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=3792&min_rtt=1396&rtt_var=2145&sent=41&recv=20&lost=0&retrans=0&sent_bytes=26526&recv_bytes=3771&delivery_rate=2619402&cwnd=12000&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=924&x=1", cfExtPri, cfHdrFlush;dur=0
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/12/0f0fccf321e61b0d.jpg
200 OK 11 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/12/0f0fccf321e61b0d.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp
Hash dfeddbfcaf706a733ad47203ecb03d1a
ceb0205a3e78e9a30a826af63454a7a41a10b73a
fc072a1bba2afe98252a6b966c08113e1f861aadce1c9fcf85124d625dd80f93
GET /img.erpweb.eu.org/imgs/2024/12/0f0fccf321e61b0d.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 10796
last-modified: Mon, 02 Dec 2024 08:50:11 GMT
expires: Wed, 02 Dec 2026 20:50:11 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/12/0f0fccf321e61b0d.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8f8a6d289a9375c5"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET 91ymdl.site/202411202349P-100x100.gif
200 OK 32 kB URL GET HTTP/2 91ymdl.site/202411202349P-100x100.gif
IP
Certificate IssuerGoogle Trust Services
Subject91ymdl.site
FingerprintD7:6B:CD:D6:44:D9:6E:D9:D2:1E:9C:F0:5A:6E:B3:26:1A:03:7D:B8
ValidityMon, 28 Oct 2024 21:16:22 GMT - Sun, 26 Jan 2025 22:16:21 GMT
File type GIF image data, version 89a, 100 x 100
Hash 6b2522abd9bf79845506b9370ef0c333
77ede866a07148c92bf5b7bc51a3d9d34f868119
ceadbe6f876e13d8f9ac4ff475fb39e775be1ed1d2114fa98ce358c3676f58a0
GET /202411202349P-100x100.gif HTTP/1.1
Host: 91ymdl.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/gif
content-length: 32381
etag: "6b2522abd9bf79845506b9370ef0c333"
last-modified: Wed, 20 Nov 2024 15:50:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 647
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGFy6%2Fbr%2BdCd27di0K2EHzLuT%2BeNyfCqClIz6pN2kM0Cs12INQBAYqtJCstnUduhB%2BgAU0Acg%2BIIwhDltHKZ%2FdHPeII4GdwC4s3%2BGBsEvOY38ciORTnMFA%2FFBuXE5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b7658ec7129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1198&min_rtt=432&rtt_var=1054&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3259&recv_bytes=1294&delivery_rate=3351851&cwnd=254&unsent_bytes=0&cid=0c86753f72d4dfec&ts=663&x=0"
X-Firefox-Spdy: h2
GET 14785208.xyz/assets/css/font-awesome-4.7.0/css/font-awesome.css
200 OK 188 kB URL GET HTTP/3 14785208.xyz/assets/css/font-awesome-4.7.0/css/font-awesome.css
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type troff or preprocessor input, ASCII text, with very long lines (372)
Size 188 kB (188489 bytes)
Hash c495654869785bc3df60216616814ad1
0140952c64e3f2b74ef64e050f2fe86eab6624c8
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
GET /assets/css/font-awesome-4.7.0/css/font-awesome.css HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:15 GMT
content-type: text/css
last-modified: Thu, 02 Dec 2021 20:54:42 GMT
vary: Accept-Encoding
etag: W/"61a93292-9226"
expires: Fri, 27 Dec 2024 06:39:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycmQtVS%2BvFdrC64pu4UYJUHlgQOdNxRkiIizBqP%2BkWxp1GfLyaCWJ756HiGUEwy9Eng3oQ%2Fx6el9oqMSXwi0HOsL0aLA24XrxJKR%2BQ1qf5ArSJU7%2FieCoWTi%2BLBuSTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b68ed490b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=4573&min_rtt=1396&rtt_var=2253&sent=22&recv=17&lost=0&retrans=0&sent_bytes=5538&recv_bytes=3641&delivery_rate=3259&cwnd=12000&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=895&x=1", cfExtPri, cfHdrFlush;dur=0
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/12/cfbda97d8871486e.gif
200 OK 1.1 MB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/12/cfbda97d8871486e.gif
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image
Size 1.1 MB (1096456 bytes)
Hash a41ca70f5409dd5e6333dc3093d6fe16
ca638cced42a5d9e9469b63e3536ade4ce1ecc43
72a48772430d2197055e49122800675eb38c78f9dfced9ec9a39c2e70aaf0e95
GET /img.erpweb.eu.org/imgs/2024/12/cfbda97d8871486e.gif HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 1096456
last-modified: Sat, 14 Dec 2024 06:47:40 GMT
expires: Mon, 14 Dec 2026 18:47:40 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/12/cfbda97d8871486e.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "49c011b708822bd6"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET api.cdnorg.cn:666/api/v1/api2/statistics/start?s=4507be34908c7ad262623603cbd4540d&d=b1N2WGo4eEZkWnJjT1poRFNVazgzcmUwYkw3V1NLSWF6eEVYdk4rZXdhMThOQlczLzgzSTN2R0pGWGZ2RlNNRjRtZGRnQmFmSEx2QW00Njh1K3AybUUvV21lVG80bEhMNkZGU0pWTVpaRTlqZ3orTE1HSjVKcTJNeUxNMkh1UFEyYkdsVVNicFhsb1NRL3BZcEFaRW9ENDYza2lqNGhKQmVHUVRRVGFUTWlBdjRUcFBiSkJRM1VsOCszdTU4VDBNa2llZmY2QkdScXpaYzY3d0pYMEloWElDQVdUTE1NSE5ZSHp5MDQ3ZEtQTE9tcFJRbW5YSlRJVzduSFZoSXVLSGZUaVV3YVd5QjA5QU44VWR3dlh0aGNyM1Q0eWxRTzByYTdjUGRxRUx1Q2NyK0xZdWxmZEREUUJramxHS0R1dmZTWVI4c012VGxwSHJXNk1KSHpkd2txREo5WUZhRTFhU0lyUnlhampuR1MzRmluT2Q2azdQcU5yUmtsQi9DQ2w5OUE2YTQwZ1M5VTBOZlNpZEM5cldCS0VTS3pWdy93MU1DVU1kbHduM0puYWo0T3luRUZCMmxMTEdaUTdiV0p1RA==&t=1735238117224
200 OK 102 B URL GET HTTP/2 api.cdnorg.cn:666/api/v1/api2/statistics/start?s=4507be34908c7ad262623603cbd4540d&d=b1N2WGo4eEZkWnJjT1poRFNVazgzcmUwYkw3V1NLSWF6eEVYdk4rZXdhMThOQlczLzgzSTN2R0pGWGZ2RlNNRjRtZGRnQmFmSEx2QW00Njh1K3AybUUvV21lVG80bEhMNkZGU0pWTVpaRTlqZ3orTE1HSjVKcTJNeUxNMkh1UFEyYkdsVVNicFhsb1NRL3BZcEFaRW9ENDYza2lqNGhKQmVHUVRRVGFUTWlBdjRUcFBiSkJRM1VsOCszdTU4VDBNa2llZmY2QkdScXpaYzY3d0pYMEloWElDQVdUTE1NSE5ZSHp5MDQ3ZEtQTE9tcFJRbW5YSlRJVzduSFZoSXVLSGZUaVV3YVd5QjA5QU44VWR3dlh0aGNyM1Q0eWxRTzByYTdjUGRxRUx1Q2NyK0xZdWxmZEREUUJramxHS0R1dmZTWVI4c012VGxwSHJXNk1KSHpkd2txREo5WUZhRTFhU0lyUnlhampuR1MzRmluT2Q2azdQcU5yUmtsQi9DQ2w5OUE2YTQwZ1M5VTBOZlNpZEM5cldCS0VTS3pWdy93MU1DVU1kbHduM0puYWo0T3luRUZCMmxMTEdaUTdiV0p1RA==&t=1735238117224
IP
Certificate IssuerSectigo Limited
Subjectapi.cdnorg.cn
Fingerprint04:A5:32:A8:42:E5:B2:90:AE:5D:66:73:F4:DE:49:01:C1:D4:B0:FD
ValidityTue, 27 Aug 2024 00:00:00 GMT - Sat, 27 Sep 2025 23:59:59 GMT
Hash 09000ac4d240c79f1cadd456e9e2d928
b30406ec5e198c4aeacc202e8863a67389a02daa
21d37fb0a81fc128ad59ecdc3c43e6f93ab5a2075ee568b21d2749ca8e8fc6b5
GET /api/v1/api2/statistics/start?s=4507be34908c7ad262623603cbd4540d&d=b1N2WGo4eEZkWnJjT1poRFNVazgzcmUwYkw3V1NLSWF6eEVYdk4rZXdhMThOQlczLzgzSTN2R0pGWGZ2RlNNRjRtZGRnQmFmSEx2QW00Njh1K3AybUUvV21lVG80bEhMNkZGU0pWTVpaRTlqZ3orTE1HSjVKcTJNeUxNMkh1UFEyYkdsVVNicFhsb1NRL3BZcEFaRW9ENDYza2lqNGhKQmVHUVRRVGFUTWlBdjRUcFBiSkJRM1VsOCszdTU4VDBNa2llZmY2QkdScXpaYzY3d0pYMEloWElDQVdUTE1NSE5ZSHp5MDQ3ZEtQTE9tcFJRbW5YSlRJVzduSFZoSXVLSGZUaVV3YVd5QjA5QU44VWR3dlh0aGNyM1Q0eWxRTzByYTdjUGRxRUx1Q2NyK0xZdWxmZEREUUJramxHS0R1dmZTWVI4c012VGxwSHJXNk1KSHpkd2txREo5WUZhRTFhU0lyUnlhampuR1MzRmluT2Q2azdQcU5yUmtsQi9DQ2w5OUE2YTQwZ1M5VTBOZlNpZEM5cldCS0VTS3pWdy93MU1DVU1kbHduM0puYWo0T3luRUZCMmxMTEdaUTdiV0p1RA==&t=1735238117224 HTTP/1.1
Host: api.cdnorg.cn:666
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://14785208.xyz
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:17 GMT
content-type: application/json
content-length: 102
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://14785208.xyz
access-control-allow-methods: POST,GET,DELETE,OPTIONS,HEAD
access-control-allow-headers: lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
access-control-allow-credentials: true
access-control-max-age: 10080
set-cookie: HWIDHASH=767fdf87b825aa9d3b5e621bce42e929; expires=Sat, 21-Nov-2026 05:14:17 GMT; path=/; httponly
server: cdn
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2
GET jt.98577.shop/jingtai/szgg/6380com/yl90.gif
200 OK 35 kB URL GET HTTP/2 jt.98577.shop/jingtai/szgg/6380com/yl90.gif
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.98788.shop
Fingerprint5F:24:AE:04:27:3C:D6:75:4C:36:5E:2C:F3:E2:C6:42:B6:FB:79:CC
ValidityThu, 28 Nov 2024 04:24:02 GMT - Wed, 26 Feb 2025 04:24:01 GMT
File type GIF image data, version 89a, 90 x 90
Hash b87ca515b6f91ef3aad2575cf8b8e993
dc2126b6981277bab4c6a9d743d143a940add68a
c7d6bf0f15f2e851303c17083e266c82b084f05202769b81001f1b29176c7f68
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /jingtai/szgg/6380com/yl90.gif HTTP/1.1
Host: jt.98577.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
date: Sun, 22 Dec 2024 13:40:38 GMT
etag: "675d6d74-8a14"
expires: Tue, 21 Jan 2025 13:40:38 GMT
last-modified: Sun, 22 Dec 2024 13:40:38 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 35348
X-Firefox-Spdy: h2
GET ali-ec.static.yximgs.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA3ZDAzZTI4Yzo0NjU4NDM2MDU5MDYw.jpg
200 OK 580 kB URL GET HTTP/2 ali-ec.static.yximgs.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA3ZDAzZTI4Yzo0NjU4NDM2MDU5MDYw.jpg
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Certificate IssuerGlobalSign nv-sa
Subject*.static.yximgs.com
FingerprintB0:A9:09:AD:3C:10:A6:F5:83:FB:3A:A3:12:61:59:2C:2E:1B:B3:68
ValidityTue, 24 Sep 2024 01:11:02 GMT - Sun, 26 Oct 2025 01:11:01 GMT
File type GIF image data, version 89a, 200 x 200
Size 580 kB (579556 bytes)
Hash c84ac508f988ddd9f00983516e79294a
06a77d06b1e9400d0cf359c978893b5b0f7ec08a
d82e19f7bc770d28f62227f2af1e22fd1305022e812ad6095ddf2c34a5f41c0b
GET /bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA3ZDAzZTI4Yzo0NjU4NDM2MDU5MDYw.jpg HTTP/1.1
Host: ali-ec.static.yximgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 579556
date: Mon, 02 Dec 2024 12:55:11 GMT
x-oss-request-id: 674DAE2F5249D3343285EB67
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "C84AC508F988DDD9F00983516E79294A"
last-modified: Tue, 05 Nov 2024 09:21:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6259333403696293770
x-oss-storage-class: Standard
expires: Tue, 12 Nov 2024 09:21:33 GMT
cache-control: max-age=2592000
x-oss-expiration: expiry-date="Fri, 06 Dec 2024 00:00:00 GMT", rule-id="b9199bf5-bd93-4d4d-98ad-cde46af3d1d7"
content-md5: yErFCPmI3dnwCYNRbnkpSg==
x-oss-server-time: 42
via: cache76.l2nm125[0,1,200-0,H], cache6.l2nm125[4,0], cache13.l2fr1[0,0,200-0,H], cache14.l2fr1[1,0], ens-cache4.se2[0,0,200-0,H], ens-cache7.se2[25,0]
age: 2094006
ali-swift-global-savetime: 1733144111
x-cache: HIT TCP_HIT dirn:4:1771579766
x-swift-savetime: Mon, 02 Dec 2024 13:55:53 GMT
x-swift-cachetime: 7772358
kwaisign: null
x-ks-client-ip: 91.90.42.154
x-ks-cache: HIT from 47.246.44.224
x-ks-request-id: 2ff62c9b17352381172933030e
access-control-expose-headers: x-ks-request-id,x-ks-client-ip,Content-Length
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9b17352381172933030e
X-Firefox-Spdy: h2
GET 91ymdl.site/20241029%E6%B5%B7%E8%A7%92200.gif
200 OK 181 kB URL GET HTTP/2 91ymdl.site/20241029%E6%B5%B7%E8%A7%92200.gif
IP
Certificate IssuerGoogle Trust Services
Subject91ymdl.site
FingerprintD7:6B:CD:D6:44:D9:6E:D9:D2:1E:9C:F0:5A:6E:B3:26:1A:03:7D:B8
ValidityMon, 28 Oct 2024 21:16:22 GMT - Sun, 26 Jan 2025 22:16:21 GMT
File type GIF image data, version 89a, 200 x 200
Size 181 kB (181132 bytes)
Hash f924bfb031f3430a808535684eb27c12
4b68db39cdd21cc138d101a6972683172113d653
86b967c0b2fb8e727300733342fb21fa9e745a8bcee04585f635d78a1aa254f4
GET /20241029%E6%B5%B7%E8%A7%92200.gif HTTP/1.1
Host: 91ymdl.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/gif
content-length: 181132
etag: "f924bfb031f3430a808535684eb27c12"
last-modified: Tue, 29 Oct 2024 12:46:07 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 647
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0djZQqqrOArfZWhq9MyV9PLNtTVsU62v06YojcLMyhHyoB5l82JcidghoylJXJjg9ISTCPc%2Br7BKW5DOGnxUAdK0JwYJFq9I%2FIRlxe%2BpAfalBbR2dEP2wb1qAfKutg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b7658f07129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1173&min_rtt=432&rtt_var=841&sent=33&recv=13&lost=0&retrans=0&sent_bytes=36940&recv_bytes=1294&delivery_rate=36381909&cwnd=254&unsent_bytes=0&cid=0c86753f72d4dfec&ts=671&x=0"
X-Firefox-Spdy: h2
GET i1.wp.com/img.erpweb.eu.org/imgs/2024/07/3c8f5e961eba9261.gif
200 OK 177 kB URL GET HTTP/2 i1.wp.com/img.erpweb.eu.org/imgs/2024/07/3c8f5e961eba9261.gif
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintB3:0D:8C:F5:E5:4D:34:B3:46:D6:07:30:52:DA:12:A4:00:08:0F:39
ValidityMon, 09 Dec 2024 09:39:55 GMT - Sun, 09 Mar 2025 09:39:54 GMT
File type RIFF (little-endian) data, Web/P image
Size 177 kB (177084 bytes)
Hash 5356fbfd6d0394c62f5b79c70d773c79
3ec5b5702bac208ed0996ac93ef9b29d1f311c47
7dc50f059a17426a34a51fbefbbf51cd6ea6d16cb0c5d55ca86e3dc4ce5d300d
GET /img.erpweb.eu.org/imgs/2024/07/3c8f5e961eba9261.gif HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/webp
content-length: 177084
last-modified: Thu, 25 Jul 2024 09:28:38 GMT
expires: Sat, 25 Jul 2026 21:28:38 GMT
cache-control: public, max-age=63115200
link: <http://img.erpweb.eu.org/imgs/2024/07/3c8f5e961eba9261.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "ee625f1201935919"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET picct.777xy.cc/img/ct1x.gif
200 OK 0 B URL GET picct.777xy.cc/img/ct1x.gif
IP
Certificate IssuerLet's Encrypt
Subjectpicct.777xy.cc
Fingerprint4F:BD:4C:45:9B:5D:62:C3:E6:9B:EE:58:F9:35:22:07:E7:A3:AB:11
ValidityMon, 23 Dec 2024 11:39:32 GMT - Sun, 23 Mar 2025 11:39:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/ct1x.gif HTTP/1.1
Host: picct.777xy.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:17 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Dec 2024 11:17:04 GMT
vary: Accept-Encoding
etag: W/"67542eb0-1f872"
expires: Sun, 19 Jan 2025 08:56:12 GMT
cache-control: max-age=2592000
content-encoding: gzip
server: nginx
x-cache-status: HIT
X-Firefox-Spdy: h2
GET 14785208.xyz/favicon.ico
200 OK 4.0 kB IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type PNG image data, 81 x 83, 8-bit/color RGBA, non-interlaced
Hash 776316f35717766874fbfa9d1288040c
23145da4a54c2da2f643993a37d22e51ef3c03e4
27d4ff08e867008f058a8568dec07d8504fe43b4e24feba6c166eadba36ddc96
GET /favicon.ico HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14785208.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e; _ga_706CPN0D0L=GS1.1.1735238115.1.0.1735238115.0.0.1516649856; _ga=GA1.1.607771321.1735238116
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/x-icon
last-modified: Thu, 18 Jan 2024 17:35:50 GMT
vary: Accept-Encoding
etag: W/"65a96176-f70"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqjvWV2nvNYRgpXnJpGdO7h%2FmQfTyxMflGWwyA1BsGVv2JTaWWK8YNzA0%2FdZoOeHEzsJO5ahJcgogFAQRY7R9%2BIGqczvwb6xhdd%2BxjpxoiudDieuHgDzupkHK9%2BQz84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b70fce20b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=8473&min_rtt=1212&rtt_var=13248&sent=171&recv=32&lost=0&retrans=3&sent_bytes=173220&recv_bytes=5257&delivery_rate=255941&cwnd=47100&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=2226&x=1", cfExtPri, cfHdrFlush;dur=42
GET 14785208.xyz/assets/images/logo.png
200 OK 11 kB URL GET HTTP/3 14785208.xyz/assets/images/logo.png
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type PNG image data, 277 x 83, 8-bit/color RGBA, non-interlaced
Hash cb4772ecb891a6461bc8e0f9a5306d55
36ed759d61745d6ade075917e7bd90fb094eac53
62a9ce277c25060253b314be4d95578523ba0a1be7406563f834bbf8e6f03e32
GET /assets/images/logo.png HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14785208.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:15 GMT
content-type: image/png
last-modified: Wed, 16 Feb 2022 17:14:11 GMT
vary: Accept-Encoding
etag: W/"620d30e3-2c2b"
expires: Sat, 25 Jan 2025 18:39:47 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtyZ91oTv%2FxbEnnHjpp0o06GVHt46lGXTuTV6t8NSKhVu2EPVcSG5yY90bg3%2FxF34WyYnVX%2F2T8yy4TlDDYiGwtnbsGaLl7u3X6rNihUzWuzhA2Kbt268KlBLccETwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b68ed4e0b49-OSL
server-timing: cfL4;desc="?proto=QUIC&rtt=3252&min_rtt=1307&rtt_var=2156&sent=55&recv=22&lost=0&retrans=0&sent_bytes=42088&recv_bytes=3857&delivery_rate=4038088&cwnd=12000&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=941&x=1", cfExtPri, cfHdrFlush;dur=0
GET api.cdnorg.cn:666/tj/tongji.js?v=2.201
200 OK 23 kB URL GET HTTP/2 api.cdnorg.cn:666/tj/tongji.js?v=2.201
IP
Certificate IssuerSectigo Limited
Subjectapi.cdnorg.cn
Fingerprint04:A5:32:A8:42:E5:B2:90:AE:5D:66:73:F4:DE:49:01:C1:D4:B0:FD
ValidityTue, 27 Aug 2024 00:00:00 GMT - Sat, 27 Sep 2025 23:59:59 GMT
File type ASCII text, with very long lines (19041)
Hash 2d0c199688810749635b450c20648c38
5e4b6f1e4e5744525264aeb8c9def1143538c469
5c5f5972d1d5452ccfff27ebe347bcbb5f48180269a37cc46d3eeb595a55ded8
GET /tj/tongji.js?v=2.201 HTTP/1.1
Host: api.cdnorg.cn:666
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 14:48:14 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6762e0ae-59f9"
server: cdn
strict-transport-security: max-age=31536000;
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
GET 14785208.xyz/assets/images/loading.gif
200 OK 4.0 kB URL GET HTTP/3 14785208.xyz/assets/images/loading.gif
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type PNG image data, 81 x 83, 8-bit/color RGBA, non-interlaced
Hash 776316f35717766874fbfa9d1288040c
23145da4a54c2da2f643993a37d22e51ef3c03e4
27d4ff08e867008f058a8568dec07d8504fe43b4e24feba6c166eadba36ddc96
GET /assets/images/loading.gif HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14785208.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:15 GMT
content-type: image/gif
last-modified: Tue, 23 Aug 2022 17:47:43 GMT
vary: Accept-Encoding
etag: W/"630512bf-f70"
expires: Sat, 25 Jan 2025 18:39:47 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwSAcltSda6AWbJpWkkqxrApKnfPYpq4J6gBdeKCKt3jQnXnjVZHnzchzvLLU9VqtJcusMMRAdPjyVbGyXw%2FzQIDedFOz2Rmz%2B6J9exDe4E%2FRBVyHHnyOJv8M0li9RM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b68ed510b49-OSL
server-timing: cfL4;desc="?proto=QUIC&rtt=3252&min_rtt=1307&rtt_var=2156&sent=51&recv=22&lost=0&retrans=0&sent_bytes=37346&recv_bytes=3857&delivery_rate=4038088&cwnd=12000&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=940&x=1", cfExtPri, cfHdrFlush;dur=0
GET 14785208.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET HTTP/3 14785208.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14785208.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:14 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 06:12:29 GMT
etag: W/"675fc4cd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pK6bjDxL%2Fbih1phEPJRe9IiLHG8jdbDZPCX1ErJ5EW26MUGM3c%2BCZQ56IfRE3qYlFQdHRlax4sGS9T7z3zTg0kIK4m5kp9rabGrVKW4Qm2pRgsbLboAEdyc5dlSo40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f832b68ed530b49-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 18:35:14 GMT
cache-control: max-age=172800, public
content-encoding: gzip
GET www.googletagmanager.com/gtag/js?id=G-706CPN0D0L
200 OK 322 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-706CPN0D0L
IP
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFA:A6:D6:5C:A6:DC:BE:D1:9A:34:42:70:3B:66:13:21:40:A4:C9:E4
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT
File type JavaScript source, ASCII text, with very long lines (5945)
Size 322 kB (321724 bytes)
Hash 26a728c57b3c842bcc6029951a9f112a
947c4fa9ca0cf965180e6c3c098ff1f8cc6a5c89
22d444e1d10d5ab5d0628157154030bb9955e8053edf3b2a1d9dc02a9dfbe09b
GET /gtag/js?id=G-706CPN0D0L HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Dec 2024 18:35:14 GMT
expires: Thu, 26 Dec 2024 18:35:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 108032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET jiasu.cdntugadeikn8564adgs.com/need/img0121/4.gif
200 OK 0 B URL GET jiasu.cdntugadeikn8564adgs.com/need/img0121/4.gif
IP
Certificate IssuerGoogle Trust Services
Subjectcdntugadeikn8564adgs.com
FingerprintF6:3E:EB:5F:7D:14:7F:CD:60:75:51:0E:01:78:D1:3C:76:39:41:1C
ValiditySat, 07 Dec 2024 15:30:35 GMT - Fri, 07 Mar 2025 15:30:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /need/img0121/4.gif HTTP/1.1
Host: jiasu.cdntugadeikn8564adgs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: image/gif
last-modified: Thu, 11 Jan 2024 07:31:26 GMT
vary: Accept-Encoding
etag: W/"659f994e-6a50e"
expires: Tue, 21 Jan 2025 12:17:04 GMT
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
age: 368292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=siBCPrGkC1O8BdVwgsrFbeUdqZUkr4gXI%2Fy7O5W021TaN8xgL1G0iuljbsQ58TWZrGrhOyASQeV5HigBJtx5X4RfOkFdy38yVFdo%2BZclPtoM9cjoJrGHet9HMb%2BdKLZRdxDgb1MZNJg9liNmzw%2BaH0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b765f2b56aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=853&min_rtt=455&rtt_var=838&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3310&recv_bytes=1232&delivery_rate=8619047&cwnd=254&unsent_bytes=0&cid=604001f0a572dd88&ts=680&x=0"
X-Firefox-Spdy: h2
GET 14785208.xyz/assets/css/ozui.min.css
200 OK 25 kB URL GET HTTP/3 14785208.xyz/assets/css/ozui.min.css
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/css/ozui.min.css HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:15 GMT
content-type: text/css
last-modified: Thu, 28 Sep 2023 11:54:50 GMT
vary: Accept-Encoding
etag: W/"6515698a-6018"
expires: Fri, 27 Dec 2024 06:39:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fyf48SHylhK4O6LraomBxTUNbhyQgzipusfmaldiS6jQyfJ9HOyziGbpW8CFEMnCPrgFpdjwCobw6QQaXiUwdMZ3ibvPWXyFEB%2B5QPKtbiJ%2BJGzsztbieLiepeLKnOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b68ed4d0b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=3530&min_rtt=1396&rtt_var=2133&sent=46&recv=21&lost=0&retrans=0&sent_bytes=32068&recv_bytes=3814&delivery_rate=3266517&cwnd=12000&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=929&x=1", cfExtPri, cfHdrFlush;dur=0
GET 14785208.xyz/assets/js/jquery.min.js
200 OK 88 kB URL GET HTTP/3 14785208.xyz/assets/js/jquery.min.js
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
GET /assets/js/jquery.min.js HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14785208.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:15 GMT
content-type: application/javascript
last-modified: Thu, 02 Dec 2021 20:54:58 GMT
vary: Accept-Encoding
etag: W/"61a932a2-15850"
expires: Fri, 27 Dec 2024 06:39:47 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cD15xgWZL4MmDwSygNALEQOikEH7VxlfEwc6eD0%2BvP1OIP96GPNQsIotFsBwXM%2BiLwmdQaA%2F977%2BOZKuiqWvHiNBXZklqDQQwnxXR22l2C6LfhIaVRqeM5O7fgtxX3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b68ed570b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=2888&min_rtt=1307&rtt_var=1414&sent=68&recv=26&lost=0&retrans=0&sent_bytes=54428&recv_bytes=4394&delivery_rate=6635556&cwnd=15600&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=1126&x=1", cfExtPri, cfHdrFlush;dur=0
GET 14785208.xyz/assets/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 14785208.xyz/assets/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Certificate IssuerGoogle Trust Services
Subject14785208.xyz
Fingerprint6A:03:BD:F3:77:11:A5:B4:24:B5:FE:71:D2:0D:ED:35:CA:13:5F:FC
ValidityMon, 04 Nov 2024 07:45:03 GMT - Sun, 02 Feb 2025 07:45:02 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /assets/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 14785208.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://14785208.xyz/assets/css/font-awesome-4.7.0/css/font-awesome.css
Cookie: PHPSESSID=fpg7aida2g7cftopbb1di72b9e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Dec 2024 18:35:16 GMT
content-type: font/woff2
content-length: 77160
last-modified: Thu, 02 Dec 2021 20:54:45 GMT
vary: Accept-Encoding
etag: "61a93295-12d68"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ksyOi6XjwOMkTEjL2IiNKUCqN7Hm%2B9fN5WkxTsYqedgqiS8jjM0U6E7JVQotYgq52dr5AAg7G6g9QuwHjlY3XQaBGcCiyDmsaRksBCsTFA8xSvfn50d%2B%2Ft%2BwV41C%2F0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f832b6cf9690b49-OSL
server-timing: cfL4;desc="?proto=QUIC&rtt=2365&min_rtt=1212&rtt_var=1377&sent=102&recv=31&lost=0&retrans=0&sent_bytes=91320&recv_bytes=5211&delivery_rate=6609&cwnd=31200&unsent_bytes=0&cid=1d2a25c18f63f0c4&ts=2012&x=1", cfExtPri, cfHdrFlush;dur=0
104.21.48.228
38.34.183.179
142.132.201.10
47.246.44.224