Report - truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256

Report Overview

Submitted URL
truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-04 12:19:26
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.cc	323508	2021-04-12T04:06:51Z	2023-03-13T05:43:19Z	2.4 kB	44 kB	104.21.2.47
aff-a.advertica-cdn.com	unknown	2017-01-29T12:40:33Z	2023-03-13T05:44:35Z	411 B	15 kB	185.66.200.127
uprimp.com	216873	2019-02-11T09:10:06Z	2023-03-13T05:43:19Z	954 B	728 B	185.66.200.220
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	1.4 kB	884 B	216.239.32.36
bonepa.com	905859	2021-05-30T07:45:50Z	2023-03-13T05:43:19Z	888 B	865 B	185.66.201.42
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.7 kB	9.8 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
truewrestling.top	unknown	2022-11-05T09:01:48Z	2023-02-04T11:20:40Z	1.5 kB	4.8 kB	188.114.97.1
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	5.6 kB	142.250.74.163
1.bp.blogspot.com	8403	2012-05-21T15:44:19Z	2023-03-13T08:43:54Z	949 B	196 kB	142.250.74.161
hakivz.cyou	unknown	2021-09-12T07:12:35Z	2023-02-06T00:17:25Z	509 B	39 kB	172.67.182.242
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	758 B	155 kB	142.250.74.168
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.161.147.150
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.4 kB	2.9 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	60 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	826 B	24 kB	151.101.193.229
cdnbun.com	unknown	2022-09-11T09:52:04Z	2023-03-13T05:43:19Z	5.9 kB	259 kB	172.64.131.13
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	718 B	3.8 kB	104.18.21.226
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	4.2 kB	49 kB	103.235.46.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-04 12:19:50	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-02-04 12:19:50	medium	Client IP	188.114.97.1	ET INFO HTTP Request to a *.top domain
2023-02-04 12:19:51	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-04 12:19:51	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	bonepa.com/js/responsive.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	hakivz.cyou	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-4H67Q73L3Y&l=dataLayer&cx=c	239 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-4H67Q73L3Y&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash 988a56bc306226747cbe130328760f77 95ee8f62cdd7d74cdc268fcec9eb13453824d12e d55f52d9e19083ea72beca4e870be1afd3d519ea5dacb40f68170b3503aaf29e Loading...

	hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822	1.2 kB	2023-03-13	2023-03-13
Pretty URL hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822 IP 172.67.182.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash 1c01c2d63ed32b3ac59f1abd895c7255 56f77a9f233eaef8ba17b0e5985d2feb0ec86c56 d977e4aac8852632ef028e29e27d4f4398277d94cbe1e892bca00a92c4d92816 Loading...

	cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js	73 kB	2023-03-07	2023-11-30
Pretty URL cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js IP 104.21.2.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2023-11-30 03:40:45 Times Seen2141 Hash 80924b62e5b3ac73aa4849776b439770 341572abd41f0ca4ec64eb0d61dff2fa864bbece 0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef Loading...

	hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822	289 B	2023-03-07	2023-04-19
Pretty URL hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822 IP 172.67.182.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:40 Last Seen2023-04-19 07:54:55 Times Seen156 Hash 87dd64e953a58857154a65712ee76503 e741bb44bb1e0b052136235b67a3dbae8d04154d 9ab73ab5064c5f99421116dd127fe4e09178aa7c49ed282406227e8f3a5b6dc6 Loading...

	www.googletagmanager.com/gtag/js?id=G-LW7434MYMN	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-LW7434MYMN IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 17:02:04 Times Seen1 Hash c3dfa9de9a7017ddc5d6d3fce8488a98 e451b14c0abc067a407ce7a3e84414f1c30e0d54 94fb1dfc709ceee65b80f32db95efa12cbf78ecef2ff70ea6bce081a9ff5b531 Loading...

	www.googletagmanager.com/gtag/js?id=G-0C230YDF7G	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-0C230YDF7G IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash b3efe58e9f9bc5c290e9c5a6e3b0d888 edfd516a37a46abbf48c5f1c83d3af13653dab81 87a81a62062c1d935a13d4a0b2991a14fda2d5f78833420a0bda03570dc747f2 Loading...

	truewrestling.top/j/og2.js?_t=1675513190633	2.1 kB	2023-03-07	2023-05-13
Pretty URL truewrestling.top/j/og2.js?_t=1675513190633 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:40 Last Seen2023-05-13 08:10:15 Times Seen78 Hash a2aba2e9fbba54130583d9e60732584a d79bcf7999954159381992e2ba5f3c3c6d3520c4 ff399ce0e73811942164279fbe3a4c16b016e7a3b8098d0173e732c19c5c1d4c Loading...

	cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js	64 kB	2023-03-07	2024-04-20
Pretty URL cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js IP 104.21.2.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2024-04-20 23:30:44 Times Seen2408 Hash c99230d2575380d7f95ff626606d2426 df0920ee8df5e0a410c714946f22f36846a32a16 a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709 Loading...

	hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822	22 kB	2023-03-13	2023-03-13
Pretty URL hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822 IP 172.67.182.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash ea1c144db8949766d8b1f0c7b12306ce 3863b6dbf61acd88f500c44c69d102c4f126116e 57d448baa287c916c7fc700be6486db8283ecbd5903b2bc78879bcbb64f40173 Loading...

	cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js IP 104.21.2.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2024-04-26 13:22:53 Times Seen5989 Hash 3e4bb227fb55271bfe9c9d4a09147bd8 156837f75f6600ccb602b4efcbd393636c33f35e ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127 Loading...

	cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js	21 kB	2023-03-07	2024-02-22
Pretty URL cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js IP 104.21.2.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2024-02-22 22:40:31 Times Seen2172 Hash 31c898c6d2ea13c30441657ff1900d81 926358fdd9da991539764240ab29de37391cdd57 e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6 Loading...

	hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash 7cf3b81d7748bebd7ea3979a230f27c6 38bbf6b8e273ca969bb518ca9ba612673ab2659e 86f2bdd67ea062b1cca5c2bafd993d4e50b0472b9ec10ff25f3d974356b83642 Loading...

	hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash b89c3274374d59cc4b67f4af40fc0215 c6e2ca6f5d8130e12839fe1512260679e0cbc1e0 713d69a892cd1df785ed2d09afa1cbb0a4dae76841c64cc0e9941b5e865d6c78 Loading...

	hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822	153 B	2023-03-07	2023-08-13
Pretty URL hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822 IP 172.67.182.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:40 Last Seen2023-08-13 05:27:55 Times Seen313 Hash f89f2abea47c87b0c53911fd5c57e2cd 8212dc5e0aa57db97863ac935ecd48e78bef6c93 f07ed966b46022ce34f82943bdfcbfe650e94de72e48554a68f1b9322f9a5619 Loading...

	hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822	153 B	2023-03-07	2023-08-13
Pretty URL hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822 IP 172.67.182.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:40 Last Seen2023-08-13 05:27:55 Times Seen385 Hash 364bd8f8f5ac961020da38fed6a7f257 8ff887b90f7145b34c383c149166f00ffc3b71b2 6a70ed1c5b6a7d6e01210d8ad432938c59953ce7dab1c21a7be8339d34099319 Loading...

	bonepa.com/js/responsive.js	3.6 kB	2023-03-08	2024-01-02
Pretty URL bonepa.com/js/responsive.js IP 185.66.201.42 ASN #201702 skHosting.eu s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-01-02 15:38:41 Times Seen1405 Hash 1fd0cfd19ca9bb5b78f3e29cb3513eda 83c61bbad03a425bc0008d29601fd4ef95c41a5c 542ff7234f3f326b5697cee7a2254b234ece203ab4bf30a468432ee2bacce8fb Loading...

	hm.baidu.com/hm.js?cf5f85a1112c1bf109dd2db200986b2e	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?cf5f85a1112c1bf109dd2db200986b2e IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash 987ea26a78431ee838010fa42c5f655a 965ed2c4cc0c3f3ba922c1e5c6e447baa14d02c4 5f7b0edf2ef61cf349be10cb72da2bfa597f2246dba9383356a9055b660883f5 Loading...

	truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256	396 B	2023-03-07	2023-04-05
Pretty URL truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:40 Last Seen2023-04-05 02:08:43 Times Seen66 Hash de61ca3b537d40f379c5275f9e1e0eb6 7456a6d855246d02119ee161809557b39e387db5 482802c1f1ddb9c7fcb559b97270915cb1d2f1dc1a222ba08bbff87d5c931973 Loading...

	cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js	4.8 kB	2023-03-07	2023-11-30
Pretty URL cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js IP 104.21.2.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2023-11-30 03:40:45 Times Seen1349 Hash dc6de9813c714ba99733ca4fb5d3a1fa 70ad9cf6787f5b640095afb3d1a8914b43da483d b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d Loading...

	uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g	427 B	2023-03-13	2023-03-13
Pretty URL uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g IP 185.66.200.220 ASN #201702 skHosting.eu s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash e6dc7032b91cdfad25a58c0b23b88774 a394094ea2b23d8f3ce1cb1dface8f79f4e7a2ca f2fcce2c483ad0d991819e67da936f45996e0a3dcc8e05cbacc762d1cb384818 Loading...

	hakivz.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-26
Pretty URL hakivz.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 21:13:24 Times Seen55072 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash 4ca8052f934cc9704750c77ffbf32bbd afd5ab1a2db23826d056241fc8467dd0aabbae8b 81349342d612edb67945644f80d0032e346b4b97ed51ad8f5f376c2e25b8493d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2bdca4742b90dc8baafd83f973e32126	1.1 kB	2023-03-07	2023-11-30
Pretty Observations First Seen2023-03-07 01:02:21 Last Seen2023-11-30 03:40:45 Times Seen1229 Hash 2bdca4742b90dc8baafd83f973e32126 0bf64d92a304e9b623e6b6bc23254ff6a68bf32f dcc5c06f0c04f18293f2ce37777d07a16b2a5610b5fc8c05e15538b67cec2650 Loading...

		Size	First Seen	Last Seen
	#1 Write - 34496b611862049e3aa36dd6601bdabb	362 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:43:54 Last Seen2023-03-13 16:43:54 Times Seen1 Hash 34496b611862049e3aa36dd6601bdabb 4df14e99eabffd7be72fa48483f136bdfb9c2ba1 077a8dd826ff24a94623054178b20053c33adff6afa2dc6393c4433795f9f145 Loading...

HTTP Transactions (82)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7530
Expires: Sat, 04 Feb 2023 14:24:44 GMT
Date: Sat, 04 Feb 2023 12:19:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18254
Expires: Sat, 04 Feb 2023 17:23:28 GMT
Date: Sat, 04 Feb 2023 12:19:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6535
Expires: Sat, 04 Feb 2023 14:08:09 GMT
Date: Sat, 04 Feb 2023 12:19:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 11:43:37 GMT
content-type: application/json
age: 2137
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: N0k39FnQrj4coGQGd/8W82vf4oXIi0gqLs9vue3R6/EzgdYMOf/GBL2sfvMtiMQoi2URYnU8nh0=
x-amz-request-id: 7S7BQAM4MHJXPW1Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 11:52:49 GMT
age: 1585
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256

188.114.97.1

200 OK

596 B

URL HTTP/1.1
truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (553), with CRLF line terminators
Size
596 B (596 bytes)
Hash
4dfe9f4245698c24fb5580c57464d764
1a22847d815ca398525dbfb4629e1bc4fde0ebe9
d63e1d25db6c167355af0147c16f37025c13757dc09fc5a7827c83c82862377f

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /luluhypermarket-xh2/tb.php?hn=tq1675503005256 HTTP/1.1
Host: truewrestling.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4oukw2u38%2BWHzql54PkPeXi%2Bg4W2lOUS8%2BtOcN4MmgeqwbWCY0dFoPjtfKZt2%2FSIUIEl%2FL7JKxj52ibDsA0PsrpkZNiFRc4eg56NuFStV6KDILCVE0gFvqzhBdyxWvB1mkk3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79435a80a8f8fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:14 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

truewrestling.top/favicon.ico

188.114.97.1

200 OK

455 B

URL HTTP/1.1
truewrestling.top/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
455 B (455 bytes)
Hash
3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: truewrestling.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:15 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3998
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIVX3GB06TBZWo%2Fjr8JWrQgFdnCkd%2BY%2BNd%2BjQ2LGKFMsl14HlymjYlloLJBrw4lC0qOZReC%2FCk5ydwCm4DC6%2BdFXpun6i%2BxskvLzUnsrSiGwR9clLvS5mrPkd%2FGZPjkFeR%2B4Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79435a82da96fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

truewrestling.top/j/og2.js?_t=1675513190633

188.114.97.1

200 OK

942 B

URL HTTP/1.1
truewrestling.top/j/og2.js?_t=1675513190633
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
942 B (942 bytes)
Hash
bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e

HTTP Headers

GET /j/og2.js?_t=1675513190633 HTTP/1.1
Host: truewrestling.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Sun, 05 Feb 2023 00:19:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M45lRiNh%2BHrFDVkYfVyt7nzVI6A2HxN5m49BKuo6FcP15H6VaKKo5MIUWhYh86sqq00wUuv5D9yDEH2kgVglk7BkH8sRsrlsz15OuAahWU4dONjZzI1K01pNiiuvHVnrqTv0Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79435a83bb59fac4-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 12:07:19 GMT
age: 716
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

truewrestling.top/j/og2.php?_t=1675513190736

188.114.97.1

200 OK

107 B

URL HTTP/1.1
truewrestling.top/j/og2.php?_t=1675513190736
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
107 B (107 bytes)
Hash
34509a6b36c9a4952f2f08c41018001e
f4537b09b65c6471f5da92d6b4082d6fc4db6e3c
0ae8d596ab4f8e1257cacef82125bc02fd695e304c76c001c0141ea2181c9cde

HTTP Headers

POST /j/og2.php?_t=1675513190736 HTTP/1.1
Host: truewrestling.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 58
Origin: http://truewrestling.top
Connection: keep-alive
Referer: http://truewrestling.top/luluhypermarket-xh2/tb.php?hn=tq1675503005256

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:15 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLCoPdlUqJprriaIlJ28SzrFvIraWavNOTH4LiHSwpeasebUnCQmPE%2BvgZp935L9oteNdTHOUyJEZiNj75ySGWYEM5rxIYINJgzMmh13SbjPTKarE9UjWhKutEs4nynJV%2B6LRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79435a846bd6fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/s/gts1p5/lUBhjpg2Mlo

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/lUBhjpg2Mlo
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0971914ee2c2cefb20a4404c4ad70933
808fb820741bf8878dfc8344e6869feeb8717630
aeb07e9af1260d1d670bc2412440c14a5b9cf8beded2dde8d8fdede1869cdc5c

HTTP Headers

POST /s/gts1p5/lUBhjpg2Mlo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8741
Expires: Sat, 04 Feb 2023 14:44:56 GMT
Date: Sat, 04 Feb 2023 12:19:15 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/lUBhjpg2Mlo

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/lUBhjpg2Mlo
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0971914ee2c2cefb20a4404c4ad70933
808fb820741bf8878dfc8344e6869feeb8717630
aeb07e9af1260d1d670bc2412440c14a5b9cf8beded2dde8d8fdede1869cdc5c

HTTP Headers

POST /s/gts1p5/lUBhjpg2Mlo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css

151.101.193.229

200 OK

2.2 kB

URL HTTP/2
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (16263)
Size
2.2 kB (2162 bytes)
Hash
bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341

HTTP Headers

GET /npm/select2@4.1.0-rc.0/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 12:19:15 GMT
age: 26933661
x-served-by: cache-fra19146-FRA, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2162
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css

151.101.193.229

200 OK

21 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65317)
Size
21 kB (20556 bytes)
Hash
b5ae87c0e4dd241b533e67053b0b719d
6b7b568694a95d81a94dea9ef7a85d1317d448dc
5bae5997fbca925ac6e52be8163ca897e751fcc9331552e0f77a22dd35b64521

HTTP Headers

GET /npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.1.1
x-jsd-version-type: version
etag: W/"189ae-CRAs/GDvtDCiXul87ppqNd9t/Fk"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 12:19:15 GMT
age: 8169268
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20556
X-Firefox-Spdy: h2

cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js

104.21.2.47

200 OK

8.1 kB

URL HTTP/2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
104.21.2.47:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (21060), with CRLF line terminators
Size
8.1 kB (8136 bytes)
Hash
8470ac7b3fb4831728e528af6aa60c0b
8c1949006de547e874e7bef7fc7ce283c274eb9f
65cd3226f5f49e0fb93d28bc96c29db67c869e16ef3b86ac62a0035f2732d30a

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Sat, 04 Feb 2023 11:25:50 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXaal%2F925O7QTJk1B%2BvQgiApOxwv%2BAAsiqRq2lS0SqRorSXqCKbct9lahtVZVp5WLQYAqBNecWRWZWzmhJ0RiX3lHvyCw9dVR%2B09IJNTG65tSScL4Yl4QcNPqiCL0Pi5qTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a876e580b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

1.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
1.1 kB (1127 bytes)
Hash
8445d9aac2d6e80f2c93554f0661bbfd
2f85690b0ea03a4de298149096d9a940f9c554c4
5e80f3d890fe3f28f816be1ca482673af0397206c2eb2ff8d9b0ee34e14f0a62

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-0C230YDF7G

142.250.74.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19467)
Size
77 kB (77007 bytes)
Hash
262c4a16695530b3fd2c58a2253a930a
b3e7a834d178b8af69c87ff50ec570522cf97064
1b223ad7bffc9d1e154704588eef287d13c320f3893e3a8c12aa530f13c67bf9

HTTP Headers

GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 12:19:15 GMT
expires: Sat, 04 Feb 2023 12:19:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LW7434MYMN

142.250.74.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19467)
Size
77 kB (76976 bytes)
Hash
00e0812250da74e0125c975c645cb1ff
51ca78185a731baf1be6f0d4fb752c73cfc76c8e
a7f50c8c6dbd1e07f0262fc5d442c57e782a474601b2ce1d40010b167dc6b948

HTTP Headers

GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 12:19:15 GMT
expires: Sat, 04 Feb 2023 12:19:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7bdc458793f63515f326d2003fd8be4f
0637715bfb34ea51e592d2ad4252ad0f901feb2c
ebb8f0f0e2be864c2482ee6564afc09e7998396d645a2a6011acc19e9cf3e3c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8F0F0E2BE864C2482EE6564AFC09E7998396D645A2A6011ACC19E9CF3E3C6"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16220
Expires: Sat, 04 Feb 2023 16:49:35 GMT
Date: Sat, 04 Feb 2023 12:19:15 GMT
Connection: keep-alive

push.services.mozilla.com/

35.161.147.150

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.147.150:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2lngF3QERSYRQ7g96nL21A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s7k0St6mEj4lRxyTOz71lK+nEJo=

cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

104.21.2.47

200 OK

26 kB

URL HTTP/2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP
104.21.2.47:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65321), with CRLF line terminators
Size
26 kB (26517 bytes)
Hash
cdeead65a36c16f6638164b3b5392e28
7d8599f765eeff4621b33b35f0904eff59bb4785
bb33aecd0f0c118e0e587555d858bf95f0636076900e24824572562ae15d4631

HTTP Headers

GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/css
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Sat, 04 Feb 2023 12:23:06 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOpXvnF8TvDNm12aIH69KKX6hgCza25RHchfgEUGECBh9gLrH%2Byfqmpk%2BbVrAM8DPcaO2j06eRjJBgWJJtUPCiwvvxkHz7E4n%2BXuj4jVaDPtH%2FHhcro62tfrQE7yjfLxmcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a874e360b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
adce3a081490452d571fd3951347918f
87371b471d8098055cfc08d49f4c6f4599668360
ea5bc3af900d247fa77cf4a63c03d1e16485b782fb3b8612afb908648622d16d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA5BC3AF900D247FA77CF4A63C03D1E16485B782FB3B8612AFB908648622D16D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1949
Expires: Sat, 04 Feb 2023 12:51:44 GMT
Date: Sat, 04 Feb 2023 12:19:15 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png

142.250.74.161

200 OK

181 kB

URL HTTP/2
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size
181 kB (180954 bytes)
Hash
fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8

HTTP Headers

GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Sat, 04 Feb 2023 09:51:51 GMT
expires: Fri, 27 Jan 2023 22:59:37 GMT
cache-control: public, max-age=86400, no-transform
age: 8844
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png

142.250.74.161

200 OK

14 kB

URL HTTP/2
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Size
14 kB (13695 bytes)
Hash
ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150

HTTP Headers

GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Sat, 04 Feb 2023 11:35:30 GMT
expires: Mon, 23 Jan 2023 07:16:14 GMT
cache-control: public, max-age=86400, no-transform
age: 2626
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b6c149891b6cc0821148c3fd0c7c909c
d228cbb4b9a33e95cca401a4491511b287f5fc87
21ff0aa4d42e388ee809d02b3a2595c324cf0998386a5a44ceb326cfc18e4bfa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21FF0AA4D42E388EE809D02B3A2595C324CF0998386A5A44CEB326CFC18E4BFA"
Last-Modified: Fri, 03 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17530
Expires: Sat, 04 Feb 2023 17:11:26 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive

cdnbun.com/upload/yinin1.jpg

172.64.131.13

200 OK

10 kB

URL HTTP/2
cdnbun.com/upload/yinin1.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
10 kB (9989 bytes)
Hash
9f839127e951e6cba423df87e5cf07ec
6ee3bd1afdfe9ec2f1f79114249755c0ab2c4466
babd75ed88bcf9a7c7d6a4cb955550fb76c4e0e314138b1f78137a0b013aba71

HTTP Headers

GET /upload/yinin1.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 9989
x-guploader-uploadid: ADPycdtO7y_77iyjHLgEYkkbJ3CsTsKcdgJ4zV1YF6EMuP7mtF4TCf1uZQogq6wAgeyPn631cIxA5aINMY8V1YcnlmmcKK8b7cOa
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:32 GMT
etag: "9f839127e951e6cba423df87e5cf07ec"
x-goog-generation: 1664826152325374
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9989
x-goog-hash: crc32c=l82UJA==, md5=n4ORJ+lR5sukI9+H5c8H7A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1446
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vunJKGh4dq9%2BLVL%2FkiWoUpZB2OFOcgBdi0AQIL6wXfLL9vHu1qiP%2B54jJzrdPK6xM03bWfGiLMaKobN%2FQie68humrzc%2FfyJYqLT1tSNoklHyW5Jb1VnYlduj6gEN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bf77767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/yinin8.jpg

172.64.131.13

200 OK

9.5 kB

URL HTTP/2
cdnbun.com/upload/yinin8.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
9.5 kB (9470 bytes)
Hash
9438fdd580f94c978f69035105e13cd3
d46d09bf3ca401c1c0d91663a08168f3297afff4
e575c73e80a1cf7134b629c99a5727a0f108c739ce21c8f06f11903276b6f0db

HTTP Headers

GET /upload/yinin8.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 9470
x-guploader-uploadid: ADPycdv8XWD9uNItljd6CaEU6Y5Zg9ClMjG2GNBqjCzbBm5dUdOiCl3I8Xnf6ka2ib7jDLrtsyJqd14mzOokxvHPyXeJ4z-ktoOG
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:27 GMT
etag: "9438fdd580f94c978f69035105e13cd3"
x-goog-generation: 1664826147217999
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9470
x-goog-hash: crc32c=PSDQww==, md5=lDj91YD5TJePaQNRBeE80w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3153
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIQwbO%2BkNB24HmlGcQyWf6yVmjA%2Fj0gtUn1w7dFd6Vkll8TTr66jiLz6vs%2FaVbPwitxdYRk4rXC3GZMa6RNmdZMju%2FzXg2iYmcaDX0U6ErZxYzKKztQjeaGi06bu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bff7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/yinin10.jpg

172.64.131.13

200 OK

14 kB

URL HTTP/2
cdnbun.com/upload/yinin10.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
14 kB (13584 bytes)
Hash
e4d604720788156badba6c24a3ae2f18
e3ac1b8a8683c93590c3c833400bb8426033617f
e06c2ce9f625b4fe7242a681f4f304295c919d2d60d1c686308aa8b937d19687

HTTP Headers

GET /upload/yinin10.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 13584
x-guploader-uploadid: ADPycdsr0vGZxJW2eE0fC1-WGzCieHwVgd_OYFj7qIMX3Ag0Zbas7_dNcyiTcv1wwrezj0DuESWFW7UCEwt9P8bBuQ6gPg
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:27 GMT
etag: "e4d604720788156badba6c24a3ae2f18"
x-goog-generation: 1664826147233795
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13584
x-goog-hash: crc32c=W2VoYQ==, md5=5NYEcgeIFWutumwko64vGA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3120
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSm4K532C%2Btxx%2FX9wZZju%2FWckzdWc%2FBXHHk8v16kaHi5N9teyViepxhXgzt%2B6otCUQHtIQrM51rQYO%2FBq3PYSHzk81dSrM3H2h8bGWY1tke6E0DWwW3YT%2FKMykm5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891c007767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
adce3a081490452d571fd3951347918f
87371b471d8098055cfc08d49f4c6f4599668360
ea5bc3af900d247fa77cf4a63c03d1e16485b782fb3b8612afb908648622d16d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA5BC3AF900D247FA77CF4A63C03D1E16485B782FB3B8612AFB908648622D16D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1948
Expires: Sat, 04 Feb 2023 12:51:44 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive

cdnbun.com/upload/yinin4.jpg

172.64.131.13

200 OK

11 kB

URL HTTP/2
cdnbun.com/upload/yinin4.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
11 kB (11421 bytes)
Hash
b6fa404160ab4e31d422d46c4fc721f6
909a89b3f1ff27026885c7b9bf646fae22fb487f
4424ea551237c5beca0d48ed654b2e4a613c0cc8aaf1b918bc75f9e8de537a10

HTTP Headers

GET /upload/yinin4.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 11421
x-guploader-uploadid: ADPycdve6P7BeXMFsPxqtP-hu4Irmn0aaNW_lYvruYrm22R9QKTDL9_u9xGxcltZUR5jVQKCWQpzGerz3yazxOPZHTXAGqHX6IJj
expires: Sat, 04 Feb 2023 12:06:51 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:24 GMT
etag: "b6fa404160ab4e31d422d46c4fc721f6"
x-goog-generation: 1664826144838095
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11421
x-goog-hash: crc32c=OYzFWQ==, md5=tvpAQWCrTjHUItRsT8ch9g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gqw7zU%2BKLuJDNDVrZ1HyR9nDFWdm5YEx5MZyRFFIqb%2BwJkaIuuyEnoTFROTCYwUh9xsWgRM1OvvTTa2ryb%2BAz2EoLJSWLw0fGGW%2FC%2FanoI2onMooLUd52Kq3S9F6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bfb7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
adce3a081490452d571fd3951347918f
87371b471d8098055cfc08d49f4c6f4599668360
ea5bc3af900d247fa77cf4a63c03d1e16485b782fb3b8612afb908648622d16d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA5BC3AF900D247FA77CF4A63C03D1E16485B782FB3B8612AFB908648622D16D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1948
Expires: Sat, 04 Feb 2023 12:51:44 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive

cdnbun.com/upload/yinin3.jpg

172.64.131.13

200 OK

8.1 kB

URL HTTP/2
cdnbun.com/upload/yinin3.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
8.1 kB (8062 bytes)
Hash
81475444fd410232094e547f2aeb7863
032e49959deebf523292282cabe959c1d175a51d
67f6bd69c33d05af4d61a11dda85b94199bb55097d69d7bcb4bd93499ea6c660

HTTP Headers

GET /upload/yinin3.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 8062
x-guploader-uploadid: ADPycdu1BSHTrW5HdsS135AjLBQqSkNbo8q--9GHbTpuxvhEGWIcnw-G8PWtSQV057s5ZChQt5prrMMhgBBBWfkfKiN1qopCHBdG
expires: Sat, 04 Feb 2023 12:07:05 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:24 GMT
etag: "81475444fd410232094e547f2aeb7863"
x-goog-generation: 1664826144612199
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8062
x-goog-hash: crc32c=PSGrKA==, md5=gUdURP1BAjIJTlR/Kut4Yw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VpRnaxRY6962MsvvfVuTXit6zWeFydFIGz0yJSMBdjKYgJJfkDlwIIRUGThTaYKaJSOBHTElfbrK8uGvdH5U2qaEdKj1YmFJ4mPVePjD6qvNzy83P23EBRZzLWs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bf97767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ed0aa8323e751dd1b26751a5bbc08b7
1dc77046253b2642a7def68c7a7d33f4a4a47f47
906f154760200d54a0409b9f229b3c2f8e9d96ca751e44228bb92c29468fd371

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnbun.com/upload/yinin5.jpg

172.64.131.13

200 OK

12 kB

URL HTTP/2
cdnbun.com/upload/yinin5.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
12 kB (12233 bytes)
Hash
e9b0239c55b165f1690ddc8c071919ba
bc37af04c476e3c03dd184a626d64b6bdee7fda9
e8e2355d1d5f7b4904b7ffb705fbfe47f1365b640c4940301cf5f5e3a29aa0eb

HTTP Headers

GET /upload/yinin5.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 12233
x-guploader-uploadid: ADPycds4huLQCbM-JeckUh_zc2jQmmzEVWejxmDBM8AdRY7G7mFkdX8Coim_MUXsdOU8JbBilClfRsr1PBEnpYqKT3ai
expires: Sat, 04 Feb 2023 12:07:05 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:26 GMT
etag: "e9b0239c55b165f1690ddc8c071919ba"
x-goog-generation: 1664826146100892
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12233
x-goog-hash: crc32c=5+zp3Q==, md5=6bAjnFWxZfFpDdyMBxkZug==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qyVVsOdWx7yg50pVyBsrZ3MYO3vpeStn9%2F9OCWwLAXHqu5AvG%2FCzN2c1T42TmTs6jzTsqJWutaR8VI%2BhpUItY1sH%2Fe9UQ42S8P2%2FhyWmM7U5v15p8EnHwZOInNK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bfd7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/yinin7.jpg

172.64.131.13

200 OK

9.7 kB

URL HTTP/2
cdnbun.com/upload/yinin7.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
9.7 kB (9701 bytes)
Hash
98bf547229428fd89db85cf7eaee3f5c
28e8820afa88cb0431816eb9b9df2d6d7c37e6f2
27fc0ee79674e43ea6c89bee0b5f685e6a954dbd9b8279e93cff26e24b6224cb

HTTP Headers

GET /upload/yinin7.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 9701
x-guploader-uploadid: ADPycdszsGI_AIiaQ1MNusHYIYTANVu372wD_u_zvr80wTqV-4B6K2eCG6JCWi9tIJ-VTNY3HLUix7geAxD7tq9Acsvk9w
x-goog-generation: 1664826145990880
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9701
x-goog-hash: crc32c=N23pRQ==, md5=mL9UcilCj9iduFz36u4/XA==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 11:36:25 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:26 GMT
etag: "98bf547229428fd89db85cf7eaee3f5c"
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyb90pkguHD7ybzQFtGALUgl5zNk9VJ28947ALSSfHjepF5czStIOE9hje8eGuWLRCTYAIug02TkXBHyoNAFJshLj44ahth9QaWW4L%2BiQ9nM%2BNcevEQpALEZ0HB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a892c1b7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/yinin9.jpg

172.64.131.13

200 OK

11 kB

URL HTTP/2
cdnbun.com/upload/yinin9.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
11 kB (11423 bytes)
Hash
d89c2aa67625f8e96a26ad58b1e305ce
b0528b506c7cdb2e419d2a6da73cefdb72c2ed2c
6a07c5e915cbecd3802cb30dab35e08c084a11736b7bc7b54084b4a6bcae828b

HTTP Headers

GET /upload/yinin9.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 11423
x-guploader-uploadid: ADPycdte1SHVYg0QN4QfOxW-2FFFhT86-ieG7AkPIx4-zlnFYPojNssx_n55YOfcgR9nU3RT5rk3KDo2FmrMYYEUvOXycA
x-goog-generation: 1664826147210950
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11423
x-goog-hash: crc32c=2FXwkQ==, md5=2JwqpnYl+OlqJq1YseMFzg==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:27 GMT
etag: "d89c2aa67625f8e96a26ad58b1e305ce"
cf-cache-status: HIT
age: 3153
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcSh%2BrTCCGMVDBBTGZtw7I%2BJIldWhU0JNsI5Fr4qaBBNHKk8VLp9qqtcIzPRZcpFbJGeOYMIm9HpKZvaK9Hx58kRoKzLCq6%2B5vaQxmmnoj1jf2ZuvnA7WnfAHZeX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a893c267767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/luluhypermarketxh.yy.jpg

172.64.131.13

200 OK

10 kB

URL HTTP/2
cdnbun.com/upload/luluhypermarketxh.yy.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 185x88, components 3\012- data
Size
10 kB (10273 bytes)
Hash
834991e67f5621a8610daa8e3772b510
6b17ea604c59f3f96ad797cfe14ff63e97007c87
1bc9a2e7706ec94b6d68d532ed07a4d946f49f4815be68a20f33215d926ee1bf

HTTP Headers

GET /upload/luluhypermarketxh.yy.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 10273
x-guploader-uploadid: ADPycduoJVO0J2egRQ3csrrHM6NPtpS8xUlT_kyz4_SjhjAB01zWC9GRv7nCfsWqQKA8It_HLinf2pTe1bjoVTSlJyMyXACMrR1D
x-goog-generation: 1665707722787425
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10273
x-goog-hash: crc32c=Yzf1mg==, md5=g0mR5n9WIahhDaqON3K1EA==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 12:42:02 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:22 GMT
etag: "834991e67f5621a8610daa8e3772b510"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFe7JGcl4Tf9KQkgbcH4M9f1R25x6eORRDoI7TwwvPK7Y2fO3sqYvZVc5mh2%2BR5a6KjMajC0u45VYxM3TusKLdp9Ye6G3vLbskF1XSUTEHI5N6kCNqHGHa9GQ7hS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891c017767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/luluhypermarketxh.box2.png

172.64.131.13

200 OK

7.4 kB

URL HTTP/2
cdnbun.com/upload/luluhypermarketxh.box2.png
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
7.4 kB (7385 bytes)
Hash
e86e38b7dbbd376474c8dd4610c97dce
0c95f2a71db274f26d31c90401e37930d2174be3
3be11f9247f23647250d2c781ed1b5781f9a53cfd18a5d6d5ec4db5b7e61a17f

HTTP Headers

GET /upload/luluhypermarketxh.box2.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/png
content-length: 7385
x-guploader-uploadid: ADPycdtHOFnVopnmBN2qgUlcjfPMWX7tuQ1GLShwAn_JtUggLR-UOyYReRGCOLJgQ3nvb3w2GIeZXkVt_li5dRoiXXSCrw
expires: Sat, 04 Feb 2023 11:35:15 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:21 GMT
etag: "e86e38b7dbbd376474c8dd4610c97dce"
x-goog-generation: 1665707721809608
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7385
x-goog-hash: crc32c=Z20AAQ==, md5=6G44t9u9N2R0yN1GEMl9zg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BXtAskL5myUePyQio8w5xJOsE5B4HmyyvE8BNjxYz62g7lViG%2BPd4GLTcu2QgPH5a%2Bx3NNoAmEgEGyTOf%2BYUEOmBrafAi1islcmNrDp67fxhJu1%2FzXdIcwxSo0L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a892c197767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/luluhypermarketxh.box3.png

172.64.131.13

200 OK

20 kB

URL HTTP/2
cdnbun.com/upload/luluhypermarketxh.box3.png
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20416 bytes)
Hash
1fcdfd74a8b08b74c929bbd9c4b0209b
ddd7b9a2cc55c9e667cccc7018d0ca0d8557a370
865393af979bc197bd02e9471ccd198b3247c6a4c389d31101fed78ce15233b7

HTTP Headers

GET /upload/luluhypermarketxh.box3.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/png
content-length: 20416
x-guploader-uploadid: ADPycdsAqb9aABZ65CcoqWSVBNvU27iLIqMkyOQXNeFGMkfrrAF1XP73f69oWpKG7vQz7JhZk7x-GHmn90NajS3tdMU
expires: Sat, 04 Feb 2023 12:26:47 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:21 GMT
etag: "1fcdfd74a8b08b74c929bbd9c4b0209b"
x-goog-generation: 1665707721812956
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20416
x-goog-hash: crc32c=9vY13Q==, md5=H839dKiwi3TJKbvZxLAgmw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gg9htows7bzsP4YLFRh14de0%2FN5E%2FgxtUvL5V%2FuhT2Cj7eQbSrerN1zz7iSuvaqykgGivLcYwruFM0dKbs1aXvD4bgDTPuEkPlRa7sWIa0IoL5LVn2njggp%2FL2hu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a892c187767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/luluhypermarketxh.box1.png

172.64.131.13

200 OK

38 kB

URL HTTP/2
cdnbun.com/upload/luluhypermarketxh.box1.png
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (37590 bytes)
Hash
c9e220b83739d01e22031c4ba4554dd2
4ad3500a3412177c28d58b6c388c2d929cfb3a39
d12b11266753cca02a13d1cc8ec58cfe6fc92462f7528dbe59a2e82b35610d7a

HTTP Headers

GET /upload/luluhypermarketxh.box1.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/png
content-length: 37590
x-guploader-uploadid: ADPycdsL22cQvPUz766G_vFFYFI5EhXP23E-RuQo7LvOuDasRZ9TDSoEKFIs02DkWMLsTw80GkxGCPZpAJWzlaQx9vxe
expires: Sat, 04 Feb 2023 11:35:15 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:24 GMT
etag: "c9e220b83739d01e22031c4ba4554dd2"
x-goog-generation: 1665707724830671
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37590
x-goog-hash: crc32c=828z/g==, md5=yeIguDc50B4iAxxLpFVN0g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3002
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7DI82NEb63IjVXofs85iUlEp9eaEFmDiusllAbSfVReARoWR%2BtwQwaoX6B1Rwl9ZkuilYqe%2Bg7oqLGRDQKs6ohTHjgF0JWDupXKKN20t6sTluqTq%2F6CBl%2FtEx3t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a891bf67767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/yinin6.jpg

172.64.131.13

200 OK

7.8 kB

URL HTTP/2
cdnbun.com/upload/yinin6.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
7.8 kB (7772 bytes)
Hash
04c35687c4695f37e1a5f4658d356f23
ad851fa11794c089e9808d4ef884341ef82e9ccc
32988077ca75419c484ea3f154136fb61dc4983d5efb4178031d05ec210dbe45

HTTP Headers

GET /upload/yinin6.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 7772
x-guploader-uploadid: ADPycdvZwwv50LMyQr8ojAx1F3sOhSihY4vjvYXhaOzdXKahsRlq_DZy1vxTTTxK7OV7sigpw4vdUXuKRW-nM2yrxwahNYYouZK1
expires: Sat, 04 Feb 2023 12:06:51 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:26 GMT
etag: "04c35687c4695f37e1a5f4658d356f23"
x-goog-generation: 1664826145966244
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7772
x-goog-hash: crc32c=en2NPg==, md5=BMNWh8RpXzfhpfRljTVvIw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2825
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uDAMpvtdRufx7bbdARhvD8b3ovpavponeU0ytekvyshwME6nKcX2y9qJu3vXoUl35v7wANXNpCboQ4mpl25s4IKVzUigFWp%2B249eNJyTJIpnw%2BWoXrSTFP1%2FYPu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a895c6a7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnbun.com/upload/yinin2.jpg

172.64.131.13

200 OK

9.7 kB

URL HTTP/2
cdnbun.com/upload/yinin2.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size
9.7 kB (9706 bytes)
Hash
66e4c60767aec458cd2e5dfce9032a64
c1a27d185f4f19501227e77504d436d03612dd53
c723c5d32e49e898f46975fb28e5d0b1a5c9942f59beead02ab696b21d6df701

HTTP Headers

GET /upload/yinin2.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 9706
x-guploader-uploadid: ADPycdvbr3agIMZhboq1dwk36cm3tPHKl7_86vsgANl7m7qpe29pL35uV6YdWIqMee210EtzQw_PBNJlg6iiCY4nuhaLmw
x-goog-generation: 1664826144584320
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9706
x-goog-hash: crc32c=wewGDw==, md5=ZuTGB2euxFjNLl386QMqZA==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 12:16:42 GMT
cache-control: public, max-age=14400
last-modified: Mon, 03 Oct 2022 19:42:24 GMT
etag: "66e4c60767aec458cd2e5dfce9032a64"
cf-cache-status: HIT
age: 689
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmUhxZmcl8nMBFKcwi2eeemA9hhY%2FP16QA1OX4jeNN5NEIJIAM%2B0NxGnJBWv5R5sPP%2F8rid6P%2Fu1pcDt8F9dQVjTDP3DvXYa3EGGymuw7PLKRsCdoYdTDFGg9vwp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a896c8b7767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822

172.67.182.242

200 OK

38 kB

URL HTTP/2
hakivz.cyou/wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822
IP
172.67.182.242:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
38 kB (38134 bytes)
Hash
32129af35984a35bc237254b87c294ea
d8097b18f7e8005a562f17cc30db84c3fd2a7e99
9f4f85f36bde4f63dbef51dc8c0d10c5f563bdc4d4f1d59aa2805e7900c5c00d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wdsgSN4W/luluhypermarket-xh2/?_t=1675513190822 HTTP/1.1
Host: hakivz.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://truewrestling.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pType=mo; expires=Sat, 04-Feb-2023 12:31:15 GMT; Max-Age=720; path=/; domain=hakivz.cyou
luluhypermarket-xh2-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.hakivz.cyou
luluhypermarket-xh2-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.hakivz.cyou
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Ftg8iP9ZJSVNp%2F4ETDW0hzSCMjQNbTf4OTmTHXO%2FiSRe0cFwLdel%2FhPUB2PniN9NtKCjKXg%2BxYvvq%2B%2FgW9Etixh4LMyxvJvjCw%2FKJVYwXmIUs%2FWG3GjV5fQKLvz0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79435a862a470b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
adce3a081490452d571fd3951347918f
87371b471d8098055cfc08d49f4c6f4599668360
ea5bc3af900d247fa77cf4a63c03d1e16485b782fb3b8612afb908648622d16d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA5BC3AF900D247FA77CF4A63C03D1E16485B782FB3B8612AFB908648622D16D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1948
Expires: Sat, 04 Feb 2023 12:51:44 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive

cdnbun.com/upload/luluhypermarketxh.zhu.jpg

172.64.131.13

200 OK

63 kB

URL HTTP/2
cdnbun.com/upload/luluhypermarketxh.zhu.jpg
IP
172.64.131.13:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Size
63 kB (62853 bytes)
Hash
539eb0dd5e7957ce90562cabe6c674b7
7a367dccb2a5a93e8e6f57c3f342e2eeeccccbd2
64f85ceafc0cae2f4bdadc24df8e15d237dfc3b5be662cb2c2e0bb3ddda46a49

HTTP Headers

GET /upload/luluhypermarketxh.zhu.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: image/jpeg
content-length: 62853
x-guploader-uploadid: ADPycdvJ6Bml_P5BI2Uhtjhs1sT0B2wEhQT1JW62tC6LuRlBJwhnx8dHIdw1EZGtYx_pe7k5tbRqA1r1__8RnP6Hnufa9g
x-goog-generation: 1665707723798510
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62853
x-goog-hash: crc32c=QFq6cA==, md5=U56w3V55V86QViyr5sZ0tw==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 13:19:16 GMT
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 00:35:23 GMT
etag: "539eb0dd5e7957ce90562cabe6c674b7"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4BDl549mYioo53Rp%2BXcC%2FM1jij4uf0qq%2FRFlziqyTQUyzz2cuFtji1LAHXXDp7Ygv%2BsVGNkdMYqMVco6mDwIFqbShMg9My2GBf1zt4dZnFtcGRHVRKyZbkjK6Ab"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a892c177767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Sat, 04 Feb 2023 15:54:33 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Sat, 04 Feb 2023 15:54:33 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Sat, 04 Feb 2023 15:54:33 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Sat, 04 Feb 2023 15:54:33 GMT
Date: Sat, 04 Feb 2023 12:19:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 50923
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9743 bytes)
Hash
518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nIp2nUVnamnoTpFwrN1L4K1dqjYvcDGuV2yFqYskkXb14k72AZsjMg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:41 GMT
age: 51035
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 50935
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9500 bytes)
Hash
3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
age: 49720
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 52272
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9141 bytes)
Hash
f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 50746
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN&gtm=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN&gtm=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-LW7434MYMN&gtm=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hakivz.cyou
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://hakivz.cyou
date: Sat, 04 Feb 2023 12:19:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-0C230YDF7G&gtm=45je3210&_p=20858354&cid=258537277.1675513192&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675513191&sct=1&seg=0&dl=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822&dr=http%3A%2F%2Ftruewrestling.top%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hakivz.cyou
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://hakivz.cyou
date: Sat, 04 Feb 2023 12:19:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js

104.21.2.47

200 OK

2.0 kB

URL HTTP/2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP
104.21.2.47:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4720), with CRLF line terminators
Size
2.0 kB (2034 bytes)
Hash
3e570c484a2c1f53262f34d317c0fe93
d5224555a314ae4b00e7f2992b9368f40a319ac9
de14f5f47e0ed9426c0b6559b0e2aeaf53cbc7c6713891dbc4bab853db9a07fa

HTTP Headers

GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Sat, 04 Feb 2023 11:41:04 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D0ZR1cbtoRIqvKH1zjTStRGtNADlkPuqlyASR1TpwDuCaggFS4fplx6TxMJGkI44PO9Z%2FKSLKY4O0OGCpIvUqaFQmEaQvl1M3fsbGGc3JLD0YzrwEff%2Bomgh%2BUF%2Bjy%2Fjrk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a874e3f0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
f2f3274ded470c2f3ff65621c03f3916
b054fbae0b5932c5760b077db0fecc7d1e1a7f1f
659a25196d93cff0bf50471d5c5990652095486fab96721a21bbb3aecd964fcc

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 09:27:28 GMT
ETag: "b054fbae0b5932c5760b077db0fecc7d1e1a7f1f"
Last-Modified: Sat, 04 Feb 2023 09:27:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 424
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79435a941bfc0afa-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
f2f3274ded470c2f3ff65621c03f3916
b054fbae0b5932c5760b077db0fecc7d1e1a7f1f
659a25196d93cff0bf50471d5c5990652095486fab96721a21bbb3aecd964fcc

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 12:19:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 09:27:28 GMT
ETag: "b054fbae0b5932c5760b077db0fecc7d1e1a7f1f"
Last-Modified: Sat, 04 Feb 2023 09:27:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 424
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79435a941b60b4ff-OSL

hm.baidu.com/hm.js?cf5f85a1112c1bf109dd2db200986b2e

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?cf5f85a1112c1bf109dd2db200986b2e
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (674)
Size
11 kB (11312 bytes)
Hash
c925945b9ac2da39f660409ebef4deab
eec3ecc901d214f25f5fc5c2e3a8e3c5f62d36f9
32932a13791cbda3948e3d3e87d596ad3102ffc3e16319bb539003646d00625c

HTTP Headers

GET /hm.js?cf5f85a1112c1bf109dd2db200986b2e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11312
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 12:19:18 GMT
Etag: 1beb98940d19b9629cf8e85afcd6e632
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=10106235277CDF4B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (625)
Size
11 kB (11263 bytes)
Hash
5063ffb21c355667ced035ce956bed60
7e5d42f7aadbee12e170d2a04528134598335667
e45b9e46741891f115590406771c4a5b5ee25be2d95c95fcd5fbc06defda0913

HTTP Headers

GET /hm.js?957de4d70bf7b7be33bc859d43ad70c6 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 12:19:18 GMT
Etag: f809335056c52b220be63ef75ea9d46c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7CE49D58E927E38C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (629)
Size
11 kB (11267 bytes)
Hash
aa8725747378b42d15bf04e252ef6d5f
db4fe9939d1597a3b0a045e5a8ec9d436a01284c
64450bc5536a85c4299956a4a48c1af84315fc53f26dbb60c6e36608e8ce0fe1

HTTP Headers

GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 12:19:18 GMT
Etag: a599bc6c50c69d6bbd4b1fc10e196d29
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FEBC185C47F028DB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (620)
Size
11 kB (11258 bytes)
Hash
0f041fda120ea089920e1807af571829
751a310760e97081f0d27126fa29d98ec95a7c05
12e046b224b1ba076b3f9102e50bbaa6e73aacc335b6308c7a02ea8ed2550b11

HTTP Headers

GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 12:19:18 GMT
Etag: b405a9b94827bc824eb8aa843dab9a7e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FE0D7E3031F86D56; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1529530784&si=cf5f85a1112c1bf109dd2db200986b2e&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1529530784&si=cf5f85a1112c1bf109dd2db200986b2e&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1529530784&si=cf5f85a1112c1bf109dd2db200986b2e&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 12:19:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=569C6D1AAB030442; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1047870090&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1047870090&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1047870090&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45384&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 12:19:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5522679F0F94EC0C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=63969694&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=63969694&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=63969694&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 12:19:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=15157FC313009EC0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736617851&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736617851&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1736617851&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Ftruewrestling.top%2F&v=1.3.0&lv=1&sn=45385&r=0&ww=1280&u=https%3A%2F%2Fhakivz.cyou%2FwdsgSN4W%2Fluluhypermarket-xh2%2F%3F_t%3D1675513190822%231675513191916 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 12:19:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1CF8D002A2A2D1B7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b4bb203a35f47f07ca96456cb9509955
80b8accc9534329116f2ccaaadfd6963bc53f4a5
25fc0b8c41a3ee3a418b1522aa15670e8191c580b99a605c43279ea6b44ada17

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25FC0B8C41A3EE3A418B1522AA15670E8191C580B99A605C43279EA6B44ADA17"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7025
Expires: Sat, 04 Feb 2023 14:16:24 GMT
Date: Sat, 04 Feb 2023 12:19:19 GMT
Connection: keep-alive

aff-a.advertica-cdn.com/generic/8756_14615EN-DW23-300x50.gif

185.66.200.127

200 OK

14 kB

URL HTTP/2
aff-a.advertica-cdn.com/generic/8756_14615EN-DW23-300x50.gif
IP
185.66.200.127:0
ASN
#201702 skHosting.eu s.r.o.

File type
data
Size
14 kB (14190 bytes)
Hash
8db499b3bc4e61dda9ea77fb0ef64b9d
28e7ea434f0669183bf31188c35b0f2462d2701c
c04248aba07079c550048bfa0c7b3bfd793e8fe6f62aacf2d77391e87c86bb30

HTTP Headers

GET /generic/8756_14615EN-DW23-300x50.gif HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonepa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:19 GMT
content-type: image/gif
last-modified: Mon, 28 Dec 2020 14:27:49 GMT
vary: Accept-Encoding
etag: W/"5fe9eb65-1cb7"
expires: Mon, 06 Mar 2023 12:19:19 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2

uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167551315566320&xtt=8583158

185.66.200.220

200 OK

0 B

URL HTTP/2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167551315566320&xtt=8583158
IP
185.66.200.220:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167551315566320&xtt=8583158 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 04 Feb 2023 12:19:15 GMT
last-modified: Sat, 04 Feb 2023 12:19:15 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2

cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js

104.21.2.47

200 OK

0 B

URL HTTP/2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP
104.21.2.47:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
expires: Sat, 04 Feb 2023 12:23:06 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8mpUfk956kDJyHs1KC%2BStBmNqJ9i4%2BVk04asmm01Dom62xtWv1qO2EkBfifdVHlZuE05XtUDd%2BWcFBV%2B5%2FIvZA9veRynArYTzUEXXqerhyifb2Oxt4%2BSmMstIoeZNjW9Ug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a873e320b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

104.21.2.47

200 OK

0 B

URL HTTP/2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP
104.21.2.47:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Sat, 04 Feb 2023 11:25:54 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQnM9%2BSSjbdx1SOXgsJeyPtVOmgpZ5pbopUbQLfI6cgASshMbnNzAbHb8mrfufZBwgrIYcWa%2Bgmrc6uGTzViMEXaBSoDqyLISsgj0VVR6v1VlHMOEYPP7Fn%2Fi1a1TrYLwD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a874e350b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js

104.21.2.47

200 OK

0 B

URL HTTP/2
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP
104.21.2.47:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Sat, 04 Feb 2023 10:15:08 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShTIw2GCiGCcsz8MudUzleycU7y9zBuBql5MqXAp5iqcz2YkDFnCUg9K3%2BN7q78Nqy%2FCfeny37DDSuB2QGIAAG5ABQDef6hiDvuW1yPDN4sQXhAMaR49zJkohItqBlAOf70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79435a873e2c0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_203&maxw=0

185.66.201.42

200 OK

0 B

URL HTTP/2
bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_203&maxw=0
IP
185.66.201.42:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_203&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Sun, 05-Feb-2023 12:19:19 GMT; Max-Age=86400; secure; SameSite=None
used_ad2558187=1; expires=Sun, 05-Feb-2023 04:59:59 GMT; Max-Age=60040; path=/; secure; SameSite=None
total_impressions=1; expires=Sun, 05-Feb-2023 04:59:59 GMT; Max-Age=60040; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2

uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g

185.66.200.220

200 OK

0 B

URL HTTP/2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP
185.66.200.220:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:15 GMT
content-type: application/javascript
expires: Sat, 04 Feb 2023 12:19:15 GMT
last-modified: Sat, 04 Feb 2023 12:19:15 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2

bonepa.com/js/responsive.js

185.66.201.42

200 OK

0 B

URL HTTP/2
bonepa.com/js/responsive.js
IP
185.66.201.42:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hakivz.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:19:16 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML