r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7530
Expires: Sat, 04 Feb 2023 14:24:44 GMT
Date: Sat, 04 Feb 2023 12:19:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18254
Expires: Sat, 04 Feb 2023 17:23:28 GMT
Date: Sat, 04 Feb 2023 12:19:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6535
Expires: Sat, 04 Feb 2023 14:08:09 GMT
Date: Sat, 04 Feb 2023 12:19:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 11:43:37 GMT
content-type: application/json
age: 2137
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N0k39FnQrj4coGQGd/8W82vf4oXIi0gqLs9vue3R6/EzgdYMOf/GBL2sfvMtiMQoi2URYnU8nh0=
x-amz-request-id: 7S7BQAM4MHJXPW1Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 11:52:49 GMT
age: 1585
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256
188.114.97.1200 OK 596 B URL HTTP/1.1 truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (553), with CRLF line terminators
Hash 4dfe9f4245698c24fb5580c57464d764
1a22847d815ca398525dbfb4629e1bc4fde0ebe9
d63e1d25db6c167355af0147c16f37025c13757dc09fc5a7827c83c82862377f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /luluhypermarket-xh2/tb.php?hn=tq1675503005256 HTTP/1.1
Host: truewrestling.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4oukw2u38%2BWHzql54PkPeXi%2Bg4W2lOUS8%2BtOcN4MmgeqwbWCY0dFoPjtfKZt2%2FSIUIEl%2FL7JKxj52ibDsA0PsrpkZNiFRc4eg56NuFStV6KDILCVE0gFvqzhBdyxWvB1mkk3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79435a80a8f8fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:14 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
truewrestling.top/favicon.ico
188.114.97.1200 OK 455 B URL HTTP/1.1 truewrestling.top/favicon.ico
IP 188.114.97.1:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
GET /favicon.ico HTTP/1.1
Host: truewrestling.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:15 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3998
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIVX3GB06TBZWo%2Fjr8JWrQgFdnCkd%2BY%2BNd%2BjQ2LGKFMsl14HlymjYlloLJBrw4lC0qOZReC%2FCk5ydwCm4DC6%2BdFXpun6i%2BxskvLzUnsrSiGwR9clLvS5mrPkd%2FGZPjkFeR%2B4Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79435a82da96fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
truewrestling.top/j/og2.js?_t=1675513190633
188.114.97.1200 OK 942 B URL HTTP/1.1 truewrestling.top/j/og2.js?_t=1675513190633
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
GET /j/og2.js?_t=1675513190633 HTTP/1.1
Host: truewrestling.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Sun, 05 Feb 2023 00:19:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M45lRiNh%2BHrFDVkYfVyt7nzVI6A2HxN5m49BKuo6FcP15H6VaKKo5MIUWhYh86sqq00wUuv5D9yDEH2kgVglk7BkH8sRsrlsz15OuAahWU4dONjZzI1K01pNiiuvHVnrqTv0Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79435a83bb59fac4-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 12:07:19 GMT
age: 716
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
truewrestling.top/j/og2.php?_t=1675513190736
188.114.97.1200 OK 107 B URL HTTP/1.1 truewrestling.top/j/og2.php?_t=1675513190736
IP 188.114.97.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 34509a6b36c9a4952f2f08c41018001e
f4537b09b65c6471f5da92d6b4082d6fc4db6e3c
0ae8d596ab4f8e1257cacef82125bc02fd695e304c76c001c0141ea2181c9cde
POST /j/og2.php?_t=1675513190736 HTTP/1.1
Host: truewrestling.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 58
Origin: http://truewrestling.top
Connection: keep-alive
Referer: http://truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:15 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLCoPdlUqJprriaIlJ28SzrFvIraWavNOTH4LiHSwpeasebUnCQmPE%2BvgZp935L9oteNdTHOUyJEZiNj75ySGWYEM5rxIYINJgzMmh13SbjPTKarE9UjWhKutEs4nynJV%2B6LRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79435a846bd6fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/lUBhjpg2Mlo
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lUBhjpg2Mlo
IP 142.250.74.163:0
Hash 0971914ee2c2cefb20a4404c4ad70933
808fb820741bf8878dfc8344e6869feeb8717630
aeb07e9af1260d1d670bc2412440c14a5b9cf8beded2dde8d8fdede1869cdc5c
POST /s/gts1p5/lUBhjpg2Mlo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8741
Expires: Sat, 04 Feb 2023 14:44:56 GMT
Date: Sat, 04 Feb 2023 12:19:15 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/lUBhjpg2Mlo
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lUBhjpg2Mlo
IP 142.250.74.163:0
Hash 0971914ee2c2cefb20a4404c4ad70933
808fb820741bf8878dfc8344e6869feeb8717630
aeb07e9af1260d1d670bc2412440c14a5b9cf8beded2dde8d8fdede1869cdc5c
POST /s/gts1p5/lUBhjpg2Mlo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
151.101.193.229200 OK 2.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
IP 151.101.193.229:0
File type ASCII text, with very long lines (16263)
Hash bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341
GET /npm/select2@4.1.0-rc.0/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 12:19:15 GMT
age: 26933661
x-served-by: cache-fra19146-FRA, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2162
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
151.101.193.229200 OK 21 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
IP 151.101.193.229:0
File type ASCII text, with very long lines (65317)
Hash b5ae87c0e4dd241b533e67053b0b719d
6b7b568694a95d81a94dea9ef7a85d1317d448dc
5bae5997fbca925ac6e52be8163ca897e751fcc9331552e0f77a22dd35b64521
GET /npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.1.1
x-jsd-version-type: version
etag: W/"189ae-CRAs/GDvtDCiXul87ppqNd9t/Fk"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 12:19:15 GMT
age: 8169268
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20556
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
104.21.2.47200 OK 8.1 kB URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 104.21.2.47:0
File type ASCII text, with very long lines (21060), with CRLF line terminators
Hash 8470ac7b3fb4831728e528af6aa60c0b
8c1949006de547e874e7bef7fc7ce283c274eb9f
65cd3226f5f49e0fb93d28bc96c29db67c869e16ef3b86ac62a0035f2732d30a
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Sat, 04 Feb 2023 11:25:50 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXaal%2F925O7QTJk1B%2BvQgiApOxwv%2BAAsiqRq2lS0SqRorSXqCKbct9lahtVZVp5WLQYAqBNecWRWZWzmhJ0RiX3lHvyCw9dVR%2B09IJNTG65tSScL4Yl4QcNPqiCL0Pi5qTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a876e580b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 1.1 kB IP 142.250.74.163:0
File type gzip compressed data, from Unix\012- data
Hash 8445d9aac2d6e80f2c93554f0661bbfd
2f85690b0ea03a4de298149096d9a940f9c554c4
5e80f3d890fe3f28f816be1ca482673af0397206c2eb2ff8d9b0ee34e14f0a62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP 142.250.74.168:0
File type ASCII text, with very long lines (19467)
Hash 262c4a16695530b3fd2c58a2253a930a
b3e7a834d178b8af69c87ff50ec570522cf97064
1b223ad7bffc9d1e154704588eef287d13c320f3893e3a8c12aa530f13c67bf9
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 12:19:15 GMT
expires: Sat, 04 Feb 2023 12:19:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP 142.250.74.168:0
File type ASCII text, with very long lines (19467)
Hash 00e0812250da74e0125c975c645cb1ff
51ca78185a731baf1be6f0d4fb752c73cfc76c8e
a7f50c8c6dbd1e07f0262fc5d442c57e782a474601b2ce1d40010b167dc6b948
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 12:19:15 GMT
expires: Sat, 04 Feb 2023 12:19:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7bdc458793f63515f326d2003fd8be4f
0637715bfb34ea51e592d2ad4252ad0f901feb2c
ebb8f0f0e2be864c2482ee6564afc09e7998396d645a2a6011acc19e9cf3e3c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8F0F0E2BE864C2482EE6564AFC09E7998396D645A2A6011ACC19E9CF3E3C6"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16220
Expires: Sat, 04 Feb 2023 16:49:35 GMT
Date: Sat, 04 Feb 2023 12:19:15 GMT
Connection: keep-alive
push.services.mozilla.com/
35.161.147.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.147.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2lngF3QERSYRQ7g96nL21A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s7k0St6mEj4lRxyTOz71lK+nEJo=
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
104.21.2.47200 OK 26 kB URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 104.21.2.47:0
File type ASCII text, with very long lines (65321), with CRLF line terminators
Hash cdeead65a36c16f6638164b3b5392e28
7d8599f765eeff4621b33b35f0904eff59bb4785
bb33aecd0f0c118e0e587555d858bf95f0636076900e24824572562ae15d4631
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/css
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Sat, 04 Feb 2023 12:23:06 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOpXvnF8TvDNm12aIH69KKX6hgCza25RHchfgEUGECBh9gLrH%2Byfqmpk%2BbVrAM8DPcaO2j06eRjJBgWJJtUPCiwvvxkHz7E4n%2BXuj4jVaDPtH%2FHhcro62tfrQE7yjfLxmcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a874e360b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash adce3a081490452d571fd3951347918f
87371b471d8098055cfc08d49f4c6f4599668360
ea5bc3af900d247fa77cf4a63c03d1e16485b782fb3b8612afb908648622d16d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA5BC3AF900D247FA77CF4A63C03D1E16485B782FB3B8612AFB908648622D16D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1949
Expires: Sat, 04 Feb 2023 12:51:44 GMT
Date: Sat, 04 Feb 2023 12:19:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Sat, 04 Feb 2023 09:51:51 GMT
expires: Fri, 27 Jan 2023 22:59:37 GMT
cache-control: public, max-age=86400, no-transform
age: 8844
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Sat, 04 Feb 2023 11:35:30 GMT
expires: Mon, 23 Jan 2023 07:16:14 GMT
cache-control: public, max-age=86400, no-transform
age: 2626
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b6c149891b6cc0821148c3fd0c7c909c
d228cbb4b9a33e95cca401a4491511b287f5fc87
21ff0aa4d42e388ee809d02b3a2595c324cf0998386a5a44ceb326cfc18e4bfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21FF0AA4D42E388EE809D02B3A2595C324CF0998386A5A44CEB326CFC18E4BFA"
Last-Modified: Fri, 03 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17530
Expires: Sat, 04 Feb 2023 17:11:26 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive
cdnbun.com/upload/yinin1.jpg
172.64.131.13200 OK 10 kB URL HTTP/2 cdnbun.com/upload/yinin1.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 9f839127e951e6cba423df87e5cf07ec
6ee3bd1afdfe9ec2f1f79114249755c0ab2c4466
babd75ed88bcf9a7c7d6a4cb955550fb76c4e0e314138b1f78137a0b013aba71
GET /upload/yinin1.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 9989
x-guploader-uploadid: ADPycdtO7y_77iyjHLgEYkkbJ3CsTsKcdgJ4zV1YF6EMuP7mtF4TCf1uZQogq6wAgeyPn631cIxA5aINMY8V1YcnlmmcKK8b7cOa
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:32 GMT
etag: "9f839127e951e6cba423df87e5cf07ec"
x-goog-generation: 1664826152325374
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9989
x-goog-hash: crc32c=l82UJA==, md5=n4ORJ+lR5sukI9+H5c8H7A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1446
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vunJKGh4dq9%2BLVL%2FkiWoUpZB2OFOcgBdi0AQIL6wXfLL9vHu1qiP%2B54jJzrdPK6xM03bWfGiLMaKobN%2FQie68humrzc%2FfyJYqLT1tSNoklHyW5Jb1VnYlduj6gEN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bf77767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/yinin8.jpg
172.64.131.13200 OK 9.5 kB URL HTTP/2 cdnbun.com/upload/yinin8.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 9438fdd580f94c978f69035105e13cd3
d46d09bf3ca401c1c0d91663a08168f3297afff4
e575c73e80a1cf7134b629c99a5727a0f108c739ce21c8f06f11903276b6f0db
GET /upload/yinin8.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 9470
x-guploader-uploadid: ADPycdv8XWD9uNItljd6CaEU6Y5Zg9ClMjG2GNBqjCzbBm5dUdOiCl3I8Xnf6ka2ib7jDLrtsyJqd14mzOokxvHPyXeJ4z-ktoOG
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:27 GMT
etag: "9438fdd580f94c978f69035105e13cd3"
x-goog-generation: 1664826147217999
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9470
x-goog-hash: crc32c=PSDQww==, md5=lDj91YD5TJePaQNRBeE80w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3153
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIQwbO%2BkNB24HmlGcQyWf6yVmjA%2Fj0gtUn1w7dFd6Vkll8TTr66jiLz6vs%2FaVbPwitxdYRk4rXC3GZMa6RNmdZMju%2FzXg2iYmcaDX0U6ErZxYzKKztQjeaGi06bu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bff7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/yinin10.jpg
172.64.131.13200 OK 14 kB URL HTTP/2 cdnbun.com/upload/yinin10.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash e4d604720788156badba6c24a3ae2f18
e3ac1b8a8683c93590c3c833400bb8426033617f
e06c2ce9f625b4fe7242a681f4f304295c919d2d60d1c686308aa8b937d19687
GET /upload/yinin10.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 13584
x-guploader-uploadid: ADPycdsr0vGZxJW2eE0fC1-WGzCieHwVgd_OYFj7qIMX3Ag0Zbas7_dNcyiTcv1wwrezj0DuESWFW7UCEwt9P8bBuQ6gPg
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:27 GMT
etag: "e4d604720788156badba6c24a3ae2f18"
x-goog-generation: 1664826147233795
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13584
x-goog-hash: crc32c=W2VoYQ==, md5=5NYEcgeIFWutumwko64vGA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3120
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSm4K532C%2Btxx%2FX9wZZju%2FWckzdWc%2FBXHHk8v16kaHi5N9teyViepxhXgzt%2B6otCUQHtIQrM51rQYO%2FBq3PYSHzk81dSrM3H2h8bGWY1tke6E0DWwW3YT%2FKMykm5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891c007767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash adce3a081490452d571fd3951347918f
87371b471d8098055cfc08d49f4c6f4599668360
ea5bc3af900d247fa77cf4a63c03d1e16485b782fb3b8612afb908648622d16d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA5BC3AF900D247FA77CF4A63C03D1E16485B782FB3B8612AFB908648622D16D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1948
Expires: Sat, 04 Feb 2023 12:51:44 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive
cdnbun.com/upload/yinin4.jpg
172.64.131.13200 OK 11 kB URL HTTP/2 cdnbun.com/upload/yinin4.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash b6fa404160ab4e31d422d46c4fc721f6
909a89b3f1ff27026885c7b9bf646fae22fb487f
4424ea551237c5beca0d48ed654b2e4a613c0cc8aaf1b918bc75f9e8de537a10
GET /upload/yinin4.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 11421
x-guploader-uploadid: ADPycdve6P7BeXMFsPxqtP-hu4Irmn0aaNW_lYvruYrm22R9QKTDL9_u9xGxcltZUR5jVQKCWQpzGerz3yazxOPZHTXAGqHX6IJj
expires: Sat, 04 Feb 2023 12:06:51 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:24 GMT
etag: "b6fa404160ab4e31d422d46c4fc721f6"
x-goog-generation: 1664826144838095
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11421
x-goog-hash: crc32c=OYzFWQ==, md5=tvpAQWCrTjHUItRsT8ch9g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gqw7zU%2BKLuJDNDVrZ1HyR9nDFWdm5YEx5MZyRFFIqb%2BwJkaIuuyEnoTFROTCYwUh9xsWgRM1OvvTTa2ryb%2BAz2EoLJSWLw0fGGW%2FC%2FanoI2onMooLUd52Kq3S9F6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bfb7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash adce3a081490452d571fd3951347918f
87371b471d8098055cfc08d49f4c6f4599668360
ea5bc3af900d247fa77cf4a63c03d1e16485b782fb3b8612afb908648622d16d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA5BC3AF900D247FA77CF4A63C03D1E16485B782FB3B8612AFB908648622D16D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1948
Expires: Sat, 04 Feb 2023 12:51:44 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive
cdnbun.com/upload/yinin3.jpg
172.64.131.13200 OK 8.1 kB URL HTTP/2 cdnbun.com/upload/yinin3.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 81475444fd410232094e547f2aeb7863
032e49959deebf523292282cabe959c1d175a51d
67f6bd69c33d05af4d61a11dda85b94199bb55097d69d7bcb4bd93499ea6c660
GET /upload/yinin3.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 8062
x-guploader-uploadid: ADPycdu1BSHTrW5HdsS135AjLBQqSkNbo8q--9GHbTpuxvhEGWIcnw-G8PWtSQV057s5ZChQt5prrMMhgBBBWfkfKiN1qopCHBdG
expires: Sat, 04 Feb 2023 12:07:05 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:24 GMT
etag: "81475444fd410232094e547f2aeb7863"
x-goog-generation: 1664826144612199
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8062
x-goog-hash: crc32c=PSGrKA==, md5=gUdURP1BAjIJTlR/Kut4Yw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VpRnaxRY6962MsvvfVuTXit6zWeFydFIGz0yJSMBdjKYgJJfkDlwIIRUGThTaYKaJSOBHTElfbrK8uGvdH5U2qaEdKj1YmFJ4mPVePjD6qvNzy83P23EBRZzLWs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bf97767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnbun.com/upload/yinin5.jpg
172.64.131.13200 OK 12 kB URL HTTP/2 cdnbun.com/upload/yinin5.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash e9b0239c55b165f1690ddc8c071919ba
bc37af04c476e3c03dd184a626d64b6bdee7fda9
e8e2355d1d5f7b4904b7ffb705fbfe47f1365b640c4940301cf5f5e3a29aa0eb
GET /upload/yinin5.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 12233
x-guploader-uploadid: ADPycds4huLQCbM-JeckUh_zc2jQmmzEVWejxmDBM8AdRY7G7mFkdX8Coim_MUXsdOU8JbBilClfRsr1PBEnpYqKT3ai
expires: Sat, 04 Feb 2023 12:07:05 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:26 GMT
etag: "e9b0239c55b165f1690ddc8c071919ba"
x-goog-generation: 1664826146100892
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12233
x-goog-hash: crc32c=5+zp3Q==, md5=6bAjnFWxZfFpDdyMBxkZug==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qyVVsOdWx7yg50pVyBsrZ3MYO3vpeStn9%2F9OCWwLAXHqu5AvG%2FCzN2c1T42TmTs6jzTsqJWutaR8VI%2BhpUItY1sH%2Fe9UQ42S8P2%2FhyWmM7U5v15p8EnHwZOInNK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bfd7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/yinin7.jpg
172.64.131.13200 OK 9.7 kB URL HTTP/2 cdnbun.com/upload/yinin7.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 98bf547229428fd89db85cf7eaee3f5c
28e8820afa88cb0431816eb9b9df2d6d7c37e6f2
27fc0ee79674e43ea6c89bee0b5f685e6a954dbd9b8279e93cff26e24b6224cb
GET /upload/yinin7.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 9701
x-guploader-uploadid: ADPycdszsGI_AIiaQ1MNusHYIYTANVu372wD_u_zvr80wTqV-4B6K2eCG6JCWi9tIJ-VTNY3HLUix7geAxD7tq9Acsvk9w
x-goog-generation: 1664826145990880
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9701
x-goog-hash: crc32c=N23pRQ==, md5=mL9UcilCj9iduFz36u4/XA==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 11:36:25 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:26 GMT
etag: "98bf547229428fd89db85cf7eaee3f5c"
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyb90pkguHD7ybzQFtGALUgl5zNk9VJ28947ALSSfHjepF5czStIOE9hje8eGuWLRCTYAIug02TkXBHyoNAFJshLj44ahth9QaWW4L%2BiQ9nM%2BNcevEQpALEZ0HB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a892c1b7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/yinin9.jpg
172.64.131.13200 OK 11 kB URL HTTP/2 cdnbun.com/upload/yinin9.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash d89c2aa67625f8e96a26ad58b1e305ce
b0528b506c7cdb2e419d2a6da73cefdb72c2ed2c
6a07c5e915cbecd3802cb30dab35e08c084a11736b7bc7b54084b4a6bcae828b
GET /upload/yinin9.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 11423
x-guploader-uploadid: ADPycdte1SHVYg0QN4QfOxW-2FFFhT86-ieG7AkPIx4-zlnFYPojNssx_n55YOfcgR9nU3RT5rk3KDo2FmrMYYEUvOXycA
x-goog-generation: 1664826147210950
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11423
x-goog-hash: crc32c=2FXwkQ==, md5=2JwqpnYl+OlqJq1YseMFzg==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:27 GMT
etag: "d89c2aa67625f8e96a26ad58b1e305ce"
cf-cache-status: HIT
age: 3153
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcSh%2BrTCCGMVDBBTGZtw7I%2BJIldWhU0JNsI5Fr4qaBBNHKk8VLp9qqtcIzPRZcpFbJGeOYMIm9HpKZvaK9Hx58kRoKzLCq6%2B5vaQxmmnoj1jf2ZuvnA7WnfAHZeX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a893c267767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/luluhypermarketxh.yy.jpg
172.64.131.13200 OK 10 kB URL HTTP/2 cdnbun.com/upload/luluhypermarketxh.yy.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 185x88, components 3\012- data
Hash 834991e67f5621a8610daa8e3772b510
6b17ea604c59f3f96ad797cfe14ff63e97007c87
1bc9a2e7706ec94b6d68d532ed07a4d946f49f4815be68a20f33215d926ee1bf
GET /upload/luluhypermarketxh.yy.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 10273
x-guploader-uploadid: ADPycduoJVO0J2egRQ3csrrHM6NPtpS8xUlT_kyz4_SjhjAB01zWC9GRv7nCfsWqQKA8It_HLinf2pTe1bjoVTSlJyMyXACMrR1D
x-goog-generation: 1665707722787425
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10273
x-goog-hash: crc32c=Yzf1mg==, md5=g0mR5n9WIahhDaqON3K1EA==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 12:42:02 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:22 GMT
etag: "834991e67f5621a8610daa8e3772b510"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFe7JGcl4Tf9KQkgbcH4M9f1R25x6eORRDoI7TwwvPK7Y2fO3sqYvZVc5mh2%2BR5a6KjMajC0u45VYxM3TusKLdp9Ye6G3vLbskF1XSUTEHI5N6kCNqHGHa9GQ7hS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891c017767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/luluhypermarketxh.box2.png
172.64.131.13200 OK 7.4 kB URL HTTP/2 cdnbun.com/upload/luluhypermarketxh.box2.png
IP 172.64.131.13:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash e86e38b7dbbd376474c8dd4610c97dce
0c95f2a71db274f26d31c90401e37930d2174be3
3be11f9247f23647250d2c781ed1b5781f9a53cfd18a5d6d5ec4db5b7e61a17f
GET /upload/luluhypermarketxh.box2.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/png
content-length: 7385
x-guploader-uploadid: ADPycdtHOFnVopnmBN2qgUlcjfPMWX7tuQ1GLShwAn_JtUggLR-UOyYReRGCOLJgQ3nvb3w2GIeZXkVt_li5dRoiXXSCrw
expires: Sat, 04 Feb 2023 11:35:15 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:21 GMT
etag: "e86e38b7dbbd376474c8dd4610c97dce"
x-goog-generation: 1665707721809608
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7385
x-goog-hash: crc32c=Z20AAQ==, md5=6G44t9u9N2R0yN1GEMl9zg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BXtAskL5myUePyQio8w5xJOsE5B4HmyyvE8BNjxYz62g7lViG%2BPd4GLTcu2QgPH5a%2Bx3NNoAmEgEGyTOf%2BYUEOmBrafAi1islcmNrDp67fxhJu1%2FzXdIcwxSo0L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a892c197767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/luluhypermarketxh.box3.png
172.64.131.13200 OK 20 kB URL HTTP/2 cdnbun.com/upload/luluhypermarketxh.box3.png
IP 172.64.131.13:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 1fcdfd74a8b08b74c929bbd9c4b0209b
ddd7b9a2cc55c9e667cccc7018d0ca0d8557a370
865393af979bc197bd02e9471ccd198b3247c6a4c389d31101fed78ce15233b7
GET /upload/luluhypermarketxh.box3.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/png
content-length: 20416
x-guploader-uploadid: ADPycdsAqb9aABZ65CcoqWSVBNvU27iLIqMkyOQXNeFGMkfrrAF1XP73f69oWpKG7vQz7JhZk7x-GHmn90NajS3tdMU
expires: Sat, 04 Feb 2023 12:26:47 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:21 GMT
etag: "1fcdfd74a8b08b74c929bbd9c4b0209b"
x-goog-generation: 1665707721812956
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20416
x-goog-hash: crc32c=9vY13Q==, md5=H839dKiwi3TJKbvZxLAgmw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gg9htows7bzsP4YLFRh14de0%2FN5E%2FgxtUvL5V%2FuhT2Cj7eQbSrerN1zz7iSuvaqykgGivLcYwruFM0dKbs1aXvD4bgDTPuEkPlRa7sWIa0IoL5LVn2njggp%2FL2hu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a892c187767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/luluhypermarketxh.box1.png
172.64.131.13200 OK 38 kB URL HTTP/2 cdnbun.com/upload/luluhypermarketxh.box1.png
IP 172.64.131.13:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash c9e220b83739d01e22031c4ba4554dd2
4ad3500a3412177c28d58b6c388c2d929cfb3a39
d12b11266753cca02a13d1cc8ec58cfe6fc92462f7528dbe59a2e82b35610d7a
GET /upload/luluhypermarketxh.box1.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/png
content-length: 37590
x-guploader-uploadid: ADPycdsL22cQvPUz766G_vFFYFI5EhXP23E-RuQo7LvOuDasRZ9TDSoEKFIs02DkWMLsTw80GkxGCPZpAJWzlaQx9vxe
expires: Sat, 04 Feb 2023 11:35:15 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:24 GMT
etag: "c9e220b83739d01e22031c4ba4554dd2"
x-goog-generation: 1665707724830671
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37590
x-goog-hash: crc32c=828z/g==, md5=yeIguDc50B4iAxxLpFVN0g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3002
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7DI82NEb63IjVXofs85iUlEp9eaEFmDiusllAbSfVReARoWR%2BtwQwaoX6B1Rwl9ZkuilYqe%2Bg7oqLGRDQKs6ohTHjgF0JWDupXKKN20t6sTluqTq%2F6CBl%2FtEx3t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bf67767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/yinin6.jpg
172.64.131.13200 OK 7.8 kB URL HTTP/2 cdnbun.com/upload/yinin6.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 04c35687c4695f37e1a5f4658d356f23
ad851fa11794c089e9808d4ef884341ef82e9ccc
32988077ca75419c484ea3f154136fb61dc4983d5efb4178031d05ec210dbe45
GET /upload/yinin6.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 7772
x-guploader-uploadid: ADPycdvZwwv50LMyQr8ojAx1F3sOhSihY4vjvYXhaOzdXKahsRlq_DZy1vxTTTxK7OV7sigpw4vdUXuKRW-nM2yrxwahNYYouZK1
expires: Sat, 04 Feb 2023 12:06:51 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:26 GMT
etag: "04c35687c4695f37e1a5f4658d356f23"
x-goog-generation: 1664826145966244
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7772
x-goog-hash: crc32c=en2NPg==, md5=BMNWh8RpXzfhpfRljTVvIw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uDAMpvtdRufx7bbdARhvD8b3ovpavponeU0ytekvyshwME6nKcX2y9qJu3vXoUl35v7wANXNpCboQ4mpl25s4IKVzUigFWp%2B249eNJyTJIpnw%2BWoXrSTFP1%2FYPu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a895c6a7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/yinin2.jpg
172.64.131.13200 OK 9.7 kB URL HTTP/2 cdnbun.com/upload/yinin2.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 66e4c60767aec458cd2e5dfce9032a64
c1a27d185f4f19501227e77504d436d03612dd53
c723c5d32e49e898f46975fb28e5d0b1a5c9942f59beead02ab696b21d6df701
GET /upload/yinin2.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 9706
x-guploader-uploadid: ADPycdvbr3agIMZhboq1dwk36cm3tPHKl7_86vsgANl7m7qpe29pL35uV6YdWIqMee210EtzQw_PBNJlg6iiCY4nuhaLmw
x-goog-generation: 1664826144584320
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9706
x-goog-hash: crc32c=wewGDw==, md5=ZuTGB2euxFjNLl386QMqZA==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:24 GMT
etag: "66e4c60767aec458cd2e5dfce9032a64"
cf-cache-status: HIT
age: 689
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmUhxZmcl8nMBFKcwi2eeemA9hhY%2FP16QA1OX4jeNN5NEIJIAM%2B0NxGnJBWv5R5sPP%2F8rid6P%2Fu1pcDt8F9dQVjTDP3DvXYa3EGGymuw7PLKRsCdoYdTDFGg9vwp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a896c8b7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822
172.67.182.242200 OK 38 kB URL HTTP/2 hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822
IP 172.67.182.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 32129af35984a35bc237254b87c294ea
d8097b18f7e8005a562f17cc30db84c3fd2a7e99
9f4f85f36bde4f63dbef51dc8c0d10c5f563bdc4d4f1d59aa2805e7900c5c00d
Analyzer Verdict Alert quad9 Sinkholed
GET /wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822 HTTP/1.1
Host: hakivz.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://truewrestling.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pType=mo; expires=Sat, 04-Feb-2023 12:31:15 GMT; Max-Age=720; path=/; domain=hakivz.cyou
luluhypermarket-xh2-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.hakivz.cyou
luluhypermarket-xh2-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.hakivz.cyou
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Ftg8iP9ZJSVNp%2F4ETDW0hzSCMjQNbTf4OTmTHXO%2FiSRe0cFwLdel%2FhPUB2PniN9NtKCjKXg%2BxYvvq%2B%2FgW9Etixh4LMyxvJvjCw%2FKJVYwXmIUs%2FWG3GjV5fQKLvz0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79435a862a470b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash adce3a081490452d571fd3951347918f
87371b471d8098055cfc08d49f4c6f4599668360
ea5bc3af900d247fa77cf4a63c03d1e16485b782fb3b8612afb908648622d16d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA5BC3AF900D247FA77CF4A63C03D1E16485B782FB3B8612AFB908648622D16D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1948
Expires: Sat, 04 Feb 2023 12:51:44 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive
cdnbun.com/upload/luluhypermarketxh.zhu.jpg
172.64.131.13200 OK 63 kB URL HTTP/2 cdnbun.com/upload/luluhypermarketxh.zhu.jpg
IP 172.64.131.13:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Hash 539eb0dd5e7957ce90562cabe6c674b7
7a367dccb2a5a93e8e6f57c3f342e2eeeccccbd2
64f85ceafc0cae2f4bdadc24df8e15d237dfc3b5be662cb2c2e0bb3ddda46a49
GET /upload/luluhypermarketxh.zhu.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 62853
x-guploader-uploadid: ADPycdvJ6Bml_P5BI2Uhtjhs1sT0B2wEhQT1JW62tC6LuRlBJwhnx8dHIdw1EZGtYx_pe7k5tbRqA1r1__8RnP6Hnufa9g
x-goog-generation: 1665707723798510
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62853
x-goog-hash: crc32c=QFq6cA==, md5=U56w3V55V86QViyr5sZ0tw==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 13:19:16 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:23 GMT
etag: "539eb0dd5e7957ce90562cabe6c674b7"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4BDl549mYioo53Rp%2BXcC%2FM1jij4uf0qq%2FRFlziqyTQUyzz2cuFtji1LAHXXDp7Ygv%2BsVGNkdMYqMVco6mDwIFqbShMg9My2GBf1zt4dZnFtcGRHVRKyZbkjK6Ab"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a892c177767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Sat, 04 Feb 2023 15:54:33 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Sat, 04 Feb 2023 15:54:33 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Sat, 04 Feb 2023 15:54:33 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Sat, 04 Feb 2023 15:54:33 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 50923
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nIp2nUVnamnoTpFwrN1L4K1dqjYvcDGuV2yFqYskkXb14k72AZsjMg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:41 GMT
age: 51035
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 50935
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
age: 49720
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 52272
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 50746
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LW7434MYMN>m=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hakivz.cyou
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://hakivz.cyou
date: Sat, 04 Feb 2023 12:19:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G>m=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G>m=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0C230YDF7G>m=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hakivz.cyou
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://hakivz.cyou
date: Sat, 04 Feb 2023 12:19:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
104.21.2.47200 OK 2.0 kB URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 104.21.2.47:0
File type ASCII text, with very long lines (4720), with CRLF line terminators
Hash 3e570c484a2c1f53262f34d317c0fe93
d5224555a314ae4b00e7f2992b9368f40a319ac9
de14f5f47e0ed9426c0b6559b0e2aeaf53cbc7c6713891dbc4bab853db9a07fa
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 11:41:04 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D0ZR1cbtoRIqvKH1zjTStRGtNADlkPuqlyASR1TpwDuCaggFS4fplx6TxMJGkI44PO9Z%2FKSLKY4O0OGCpIvUqaFQmEaQvl1M3fsbGGc3JLD0YzrwEff%2Bomgh%2BUF%2Bjy%2Fjrk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a874e3f0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f2f3274ded470c2f3ff65621c03f3916
b054fbae0b5932c5760b077db0fecc7d1e1a7f1f
659a25196d93cff0bf50471d5c5990652095486fab96721a21bbb3aecd964fcc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 09:27:28 GMT
ETag: "b054fbae0b5932c5760b077db0fecc7d1e1a7f1f"
Last-Modified: Sat, 04 Feb 2023 09:27:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 424
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79435a941bfc0afa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f2f3274ded470c2f3ff65621c03f3916
b054fbae0b5932c5760b077db0fecc7d1e1a7f1f
659a25196d93cff0bf50471d5c5990652095486fab96721a21bbb3aecd964fcc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 09:27:28 GMT
ETag: "b054fbae0b5932c5760b077db0fecc7d1e1a7f1f"
Last-Modified: Sat, 04 Feb 2023 09:27:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 424
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79435a941b60b4ff-OSL
hm.baidu.com/hm.js?cf5f85a1112c1bf109dd2db200986b2e
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?cf5f85a1112c1bf109dd2db200986b2e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (674)
Hash c925945b9ac2da39f660409ebef4deab
eec3ecc901d214f25f5fc5c2e3a8e3c5f62d36f9
32932a13791cbda3948e3d3e87d596ad3102ffc3e16319bb539003646d00625c
GET /hm.js?cf5f85a1112c1bf109dd2db200986b2e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11312
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 12:19:18 GMT
Etag: 1beb98940d19b9629cf8e85afcd6e632
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=10106235277CDF4B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 5063ffb21c355667ced035ce956bed60
7e5d42f7aadbee12e170d2a04528134598335667
e45b9e46741891f115590406771c4a5b5ee25be2d95c95fcd5fbc06defda0913
GET /hm.js?957de4d70bf7b7be33bc859d43ad70c6 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 12:19:18 GMT
Etag: f809335056c52b220be63ef75ea9d46c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7CE49D58E927E38C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash aa8725747378b42d15bf04e252ef6d5f
db4fe9939d1597a3b0a045e5a8ec9d436a01284c
64450bc5536a85c4299956a4a48c1af84315fc53f26dbb60c6e36608e8ce0fe1
GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 12:19:18 GMT
Etag: a599bc6c50c69d6bbd4b1fc10e196d29
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FEBC185C47F028DB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 0f041fda120ea089920e1807af571829
751a310760e97081f0d27126fa29d98ec95a7c05
12e046b224b1ba076b3f9102e50bbaa6e73aacc335b6308c7a02ea8ed2550b11
GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 12:19:18 GMT
Etag: b405a9b94827bc824eb8aa843dab9a7e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FE0D7E3031F86D56; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1529530784&si=cf5f85a1112c1bf109dd2db200986b2e&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1529530784&si=cf5f85a1112c1bf109dd2db200986b2e&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1529530784&si=cf5f85a1112c1bf109dd2db200986b2e&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 12:19:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=569C6D1AAB030442; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1047870090&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1047870090&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1047870090&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 12:19:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5522679F0F94EC0C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=63969694&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=63969694&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=63969694&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 12:19:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=15157FC313009EC0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736617851&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736617851&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736617851&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 12:19:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1CF8D002A2A2D1B7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b4bb203a35f47f07ca96456cb9509955
80b8accc9534329116f2ccaaadfd6963bc53f4a5
25fc0b8c41a3ee3a418b1522aa15670e8191c580b99a605c43279ea6b44ada17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25FC0B8C41A3EE3A418B1522AA15670E8191C580B99A605C43279EA6B44ADA17"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7025
Expires: Sat, 04 Feb 2023 14:16:24 GMT
Date: Sat, 04 Feb 2023 12:19:19 GMT
Connection: keep-alive
aff-a.advertica-cdn.com/generic/8756_14615EN-DW23-300x50.gif
185.66.200.127200 OK 14 kB URL HTTP/2 aff-a.advertica-cdn.com/generic/8756_14615EN-DW23-300x50.gif
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
Hash 8db499b3bc4e61dda9ea77fb0ef64b9d
28e7ea434f0669183bf31188c35b0f2462d2701c
c04248aba07079c550048bfa0c7b3bfd793e8fe6f62aacf2d77391e87c86bb30
GET /generic/8756_14615EN-DW23-300x50.gif HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:19 GMT
content-type: image/gif
last-modified: Mon, 28 Dec 2020 14:27:49 GMT
vary: Accept-Encoding
etag: W/"5fe9eb65-1cb7"
expires: Mon, 06 Mar 2023 12:19:19 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167551315566320&xtt=8583158
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167551315566320&xtt=8583158
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167551315566320&xtt=8583158 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 04 Feb 2023 12:19:15 GMT
last-modified: Sat, 04 Feb 2023 12:19:15 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
104.21.2.47200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 104.21.2.47:0
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
expires: Sat, 04 Feb 2023 12:23:06 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8mpUfk956kDJyHs1KC%2BStBmNqJ9i4%2BVk04asmm01Dom62xtWv1qO2EkBfifdVHlZuE05XtUDd%2BWcFBV%2B5%2FIvZA9veRynArYTzUEXXqerhyifb2Oxt4%2BSmMstIoeZNjW9Ug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a873e320b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
104.21.2.47200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 104.21.2.47:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Sat, 04 Feb 2023 11:25:54 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQnM9%2BSSjbdx1SOXgsJeyPtVOmgpZ5pbopUbQLfI6cgASshMbnNzAbHb8mrfufZBwgrIYcWa%2Bgmrc6uGTzViMEXaBSoDqyLISsgj0VVR6v1VlHMOEYPP7Fn%2Fi1a1TrYLwD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a874e350b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
104.21.2.47200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 104.21.2.47:0
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Sat, 04 Feb 2023 10:15:08 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShTIw2GCiGCcsz8MudUzleycU7y9zBuBql5MqXAp5iqcz2YkDFnCUg9K3%2BN7q78Nqy%2FCfeny37DDSuB2QGIAAG5ABQDef6hiDvuW1yPDN4sQXhAMaR49zJkohItqBlAOf70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a873e2c0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_203&maxw=0
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_203&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_203&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Sun, 05-Feb-2023 12:19:19 GMT; Max-Age=86400; secure; SameSite=None
used_ad2558187=1; expires=Sun, 05-Feb-2023 04:59:59 GMT; Max-Age=60040; path=/; secure; SameSite=None
total_impressions=1; expires=Sun, 05-Feb-2023 04:59:59 GMT; Max-Age=60040; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: application/javascript
expires: Sat, 04 Feb 2023 12:19:15 GMT
last-modified: Sat, 04 Feb 2023 12:19:15 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2