ckk.ai/DvLM2Va
188.114.97.1301 Moved Permanently 0 B IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /DvLM2Va HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Jan 2023 03:52:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 28 Jan 2023 04:52:51 GMT
Location: https://ckk.ai/DvLM2Va
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ddg4Yibh2KxZ5W%2BROeIUvx5%2BumsL3r6trWSGC2aS0Jj3bGqVHBZ97PC8oEPkrF1UlTRsFUB5PCjwBbp2jniApOWCF6zdgHQdC57qM8LbAlsBcPmuRWfClo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906c7180e98b515-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7883
Expires: Sat, 28 Jan 2023 06:04:14 GMT
Date: Sat, 28 Jan 2023 03:52:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14305
Expires: Sat, 28 Jan 2023 07:51:16 GMT
Date: Sat, 28 Jan 2023 03:52:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Sat, 28 Jan 2023 05:21:18 GMT
Date: Sat, 28 Jan 2023 03:52:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 03:35:27 GMT
content-type: application/json
age: 1044
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: a/X8kVGMfk7AzpRpg1Wl0Hg1XnIk0lyOQVYmyxbk4j0kK+h7ibi53tfsnautEALqqBpEjrcwjwOoSnRDeiQpFg==
x-amz-request-id: 482Q1BKYCBTTKM3W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 03:49:40 GMT
age: 191
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 07f0a94dd016360030529ac24ffd8afb
bdb751830342482df61e4c4e8c916d0dba9d6132
db31ae635597f30d3f5d51f26179832650402fe67a629da39c68db1a6769a57e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:52:51 GMT
Etag: "63d392bd-116"
Last-Modified: Sat, 28 Jan 2023 03:41:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 03:49:03 GMT
age: 228
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8830
Expires: Sat, 28 Jan 2023 06:20:02 GMT
Date: Sat, 28 Jan 2023 03:52:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 07f0a94dd016360030529ac24ffd8afb
bdb751830342482df61e4c4e8c916d0dba9d6132
db31ae635597f30d3f5d51f26179832650402fe67a629da39c68db1a6769a57e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 654
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:52:52 GMT
Etag: "63d392bd-116"
Last-Modified: Sat, 28 Jan 2023 03:41:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 67 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 15309f004e58175bfc07fcbbbb6eb3d6
a0cc1cd1b477aec6386dd41497504503633712a7
7b2fcb02faefd5d18fcfe8dbbd5136b339cc89908af65d5bb97ed46f83822d73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99B5722B6D615A3ECF9833440CD8A3FA82153BF724D28FABBAC92E2D95E45B5A"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3253
Expires: Sat, 28 Jan 2023 04:47:05 GMT
Date: Sat, 28 Jan 2023 03:52:52 GMT
Connection: keep-alive
ckk.ai/DvLM2Va
188.114.97.1200 OK 100 kB IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63100), with CRLF, LF line terminators
Size 100 kB (100309 bytes)
Hash 9b7262972d7c8b9c13b24c2f1cfb9f85
f2d9b1e63f4dfbb2c67ff183991fa05b3bb3077c
864b1ec97154bb131e0dbb2bf4994f3fd3c73c7c309825578ddd39ec222e8bf9
GET /DvLM2Va HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=099b228f8a4aa23b96a6849fd10d5d3e; path=/; HttpOnly; secure
refDvLM2Va=YWI3YmNjMmU2Y2UzY2Y5Njc3ZTQzMTM1ZTQwNzlhYTNjZDA5YTQ0YjM1MTUxZGUxMmE2MWQyMjAwMmZlYTZjNZBBv8xkCCFJmcwgx%2BRf5vqDSSLQn8Do1LdKdjY2y674; expires=Sat, 28-Jan-2023 03:57:49 GMT; Max-Age=300; path=/; HttpOnly; secure
csrfToken=29c2f09148024405d944033e0089622a2c90a8430bc69275447247df9abcd64ad07b7d14cb681a330abee85700e972898ad35c88dc9a4394efec157cb304c53c; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5B2mCA8pQdDgAQX19WFGPIXWP9iy90rDwiV70q64UAQkoh7g3oYzw5dFweyQl%2FQRa8h1sfL8Zf7LutbMQmMYSF3QYVopI%2FcZJ%2FkIlPjycP4xlq6PqMu3DA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906c719fbde1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.167.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vRQjTgjGEMg7AL6qy4+z3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5rdLI+UypdKwHWZCujQAWSg43Xs=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4f69d8d62015b12b1cbe6757379f15af
1f6e65271411f588535c9a726e7fd405a6742dc3
3a3514f34991fee083e7e9e771bc68f5c1f77def3118f85bf571e74117c9e2e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4697
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:52:52 GMT
Last-Modified: Sat, 28 Jan 2023 02:34:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=UA-113561579-8
142.250.74.168200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-113561579-8
IP 142.250.74.168:0
File type ASCII text, with very long lines (65369)
Hash 4a203e12eccccc372f7df001226f03d9
c62a87c5c41fcd2fe57beb7ccfae5db77816a6a0
7c714c14493dfdb565e22af0cf312c5f79f14b4da745f949de9677bc8bff1c39
GET /gtag/js?id=UA-113561579-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 03:52:52 GMT
expires: Sat, 28 Jan 2023 03:52:52 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
iclickcdn.com/tag.min.js
172.67.75.9200 OK 26 kB IP 172.67.75.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e04f4797843475a2bc453c0a8544a35e
9583d6ca17218afa1b1d30fa4858577355a12cb3
2ba79dcb3c7d9858a07998386f10c360487498718e2391b19a638e9e17428013
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 62f920ac5b627187292068d3d2cdd0fe
cache-control: max-age=86400
last-modified: Mon, 23 Jan 2023 15:52:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 28 Jan 2023 07:07:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 74707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2Bl7LW6zhSCpq1m2IWlUO0iT8AqcywfP8MgF%2BZlKZ8H700XU3T160CFf%2BmR7FykNsmEs2DL3Xc1VwKvP4s2xVhdETFtg7mhMZ0wuTRWD27zLtJaqI5xdCaY3KDQrxuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906c71fda4ab524-OSL
content-encoding: br
X-Firefox-Spdy: h2
upgulpinon.com/1?z=5324394
139.45.197.242200 OK 7.6 kB URL HTTP/2 upgulpinon.com/1?z=5324394
IP 139.45.197.242:0
Hash 1e2da2f41531f9484c83e3b3982d277b
789046b19499fd99064d7849c6293e5cf51200a9
e1a5a3d10e504eaaebde78be2aa839200b74b97b4a44a33cf35ba162ad581bba
GET /1?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 9e8721bd43a05504666f2762d6594b56
access-control-expose-headers: X-Sc
x-sc: XZHT3PMcv5Qlz1d8EjmuPcH4eHtkbX8QkLrt1HoRtkpl7MZprZCbl3BQGjFpwx3fxuI0tC9ch1_nhGUm6tQPnOQXEBU=
set-cookie: scm=1; expires=Sun, 28 Jan 2024 03:52:52 GMT; secure; SameSite=None
OAID=11717039ba6c49b69e51bccebbf6e652; expires=Sun, 28 Jan 2024 03:52:52 GMT; secure; SameSite=None
oaidts=1674877972; expires=Sun, 28 Jan 2024 03:52:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 349bda6846db544120951f1386720193
330c743b74dc4659d7e3893c7729fdbd66bbe18d
8f96fb188aadccdb260ced25441db696df2a6e950afa36a7c512df741dc150c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F96FB188AADCCDB260CED25441DB696DF2A6E950AFA36A7C512DF741DC150C2"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=835
Expires: Sat, 28 Jan 2023 04:06:47 GMT
Date: Sat, 28 Jan 2023 03:52:52 GMT
Connection: keep-alive
trustbummler.com/tSXyF1oQpqC/14504
23.109.87.182200 OK 25 B URL HTTP/1.1 trustbummler.com/tSXyF1oQpqC/14504
IP 23.109.87.182:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
Analyzer Verdict Alert quad9 Sinkholed
GET /tSXyF1oQpqC/14504 HTTP/1.1
Host: trustbummler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 03:52:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 29-Jan-2023 03:52:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Sun, 29-Jan-2023 03:52:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4bd334d0296dc28cc576e0a58e544867
952debaf17ce4f67413778ffad72aa7b28c8a74c
9d55eb92fa3b7e988b54a980e8aafeb7cc95e9503af69b20d84bf5f7939a41bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D55EB92FA3B7E988B54A980E8AAFEB7CC95E9503AF69B20D84BF5F7939A41BB"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2377
Expires: Sat, 28 Jan 2023 04:32:29 GMT
Date: Sat, 28 Jan 2023 03:52:52 GMT
Connection: keep-alive
bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.473.0
139.45.197.234200 OK 1.8 kB URL HTTP/2 bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.473.0
IP 139.45.197.234:0
Hash 5a48edb976e451ca5ad5ba994d7a5172
2c03d2f9fa5fcbe29f0f7e9ab0ca7c3a7f4a9abb
3a6751ec642229d56db1830bbcb6bf517986272dd5dcf9c5171f7a2c84558585
GET /5/3491150/?oo=1&js_build=iclick-v1.473.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: application/json
x-trace-id: 663c0a418a68d597fbe694cfeb33237f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:52 GMT; path=/; secure; SameSite=None
oaidts=1674877972; expires=Sun, 28 Jan 2024 03:52:52 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
forfrogadiertor.com/400/5533285
139.45.197.239200 OK 32 kB URL HTTP/2 forfrogadiertor.com/400/5533285
IP 139.45.197.239:0
Hash cc2ad307e52439ed4a85bd10ce4844f6
c5d5a87a4e0ae962f3af5125335957a65e878539
d887f61543f6d757ef4fc921e9cb603b0c94a2787b7c0c1253c8eba103cb8840
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5533285 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: application/javascript
x-trace-id: ec05858534d3c476d5eb096841c7be79
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=d00edbc8e6794ee98feb8f0c4683d803; expires=Sun, 28 Jan 2024 03:52:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab744f1fbf03bf793085117f6691a062
f26ee7a876fee3e80c2521374a4c527d55b17e83
fc5b8cb6f5bd7396921cac6bf1bbd6cb41715cdcd19527ae5310e59eafd07928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC5B8CB6F5BD7396921CAC6BF1BBD6CB41715CDCD19527AE5310E59EAFD07928"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3702
Expires: Sat, 28 Jan 2023 04:54:34 GMT
Date: Sat, 28 Jan 2023 03:52:52 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=32191bbe559f4f7b8a549117090b3f2f
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=32191bbe559f4f7b8a549117090b3f2f
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 61c60e89c735ee39e72eca5bd53f977e
060be8c864c289375fb84adbaee9a561dee4bca0
acf9e7fb459685694a6d03779ebf0c17ded1b5e457ad75781b7dfcd7972091f9
GET /gid.js?userId=32191bbe559f4f7b8a549117090b3f2f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2dcdc2227aedd1a243ae997fc01cef64
99c2453595ecdb900c50e8f3481c0d0b7409da2d
f8db11a1b8b97b8e27ca825ecb03d8a6775010a13390da214bc4044f9bdf730a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8DB11A1B8B97B8E27CA825ECB03D8A6775010A13390DA214BC4044F9BDF730A"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4070
Expires: Sat, 28 Jan 2023 05:00:43 GMT
Date: Sat, 28 Jan 2023 03:52:53 GMT
Connection: keep-alive
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=32191bbe559f4f7b8a549117090b3f2f
139.45.197.242204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=32191bbe559f4f7b8a549117090b3f2f
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=32191bbe559f4f7b8a549117090b3f2f HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
forfrogadiertor.com/500/5533285?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/5533285?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5533285?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=kJB-hqEXe6CNOZCOFIZVEDcMDKl1Bt7gGdJUslLgBgW3Bw3oIRIUDLlEtBtXFtiyLzq3AjWwc_aI4meCS6q29wrVG-DN3EUrucWtkNe9KnopLbh6YkB3lalg_SALeNUHvUNUKL2GU02fRVLlkbUMRz5EogVLJROjgB9GsyV-n9PZLUWX-Vw3_dmxGJBLBNVuBimYmWoOQWkOewsZ14RDRHrpvqjQ-7fR&request_ab2=0&zoneid=5535659&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=e92dab43-f2dd-4627-b5f4-473392d3135f&userId=32191bbe559f4f7b8a549117090b3f2f&m=link
139.45.197.236200 OK 7.1 kB URL HTTP/2 cdn.itskiddien.club/?rb=kJB-hqEXe6CNOZCOFIZVEDcMDKl1Bt7gGdJUslLgBgW3Bw3oIRIUDLlEtBtXFtiyLzq3AjWwc_aI4meCS6q29wrVG-DN3EUrucWtkNe9KnopLbh6YkB3lalg_SALeNUHvUNUKL2GU02fRVLlkbUMRz5EogVLJROjgB9GsyV-n9PZLUWX-Vw3_dmxGJBLBNVuBimYmWoOQWkOewsZ14RDRHrpvqjQ-7fR&request_ab2=0&zoneid=5535659&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=e92dab43-f2dd-4627-b5f4-473392d3135f&userId=32191bbe559f4f7b8a549117090b3f2f&m=link
IP 139.45.197.236:0
Hash b8c9409deeb2fb6208833ba81855f5a8
7d69a802e0914567e207a12c95bec97799785b58
36a8100723b7c9fe11a5af8c83d3db13a50f7ff80e4388e56d6e0a469384ed01
GET /?rb=kJB-hqEXe6CNOZCOFIZVEDcMDKl1Bt7gGdJUslLgBgW3Bw3oIRIUDLlEtBtXFtiyLzq3AjWwc_aI4meCS6q29wrVG-DN3EUrucWtkNe9KnopLbh6YkB3lalg_SALeNUHvUNUKL2GU02fRVLlkbUMRz5EogVLJROjgB9GsyV-n9PZLUWX-Vw3_dmxGJBLBNVuBimYmWoOQWkOewsZ14RDRHrpvqjQ-7fR&request_ab2=0&zoneid=5535659&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=e92dab43-f2dd-4627-b5f4-473392d3135f&userId=32191bbe559f4f7b8a549117090b3f2f&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=5d8062faedd04d1ebfa174c09ba8db14; oaidts=1674877972
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: application/json
x-trace-id: 18412f249fba2635f9a45266d40446f7
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
oaidts=1674877973; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 04 Feb 2023 03:52:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
oaphoace.net/401/5292343
139.45.197.239200 OK 33 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7ebf44f8f75388e33a2a296be9cdf0f6
3dbf6ff59138a62e01755a6327f72943f48c4be1
eb062d2298668bc85021599e4414b329909a58e837bd1f3627645dbb9e323f4c
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5292343 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: application/javascript
x-trace-id: 9578911b7f5ee2d1351cbda7386bd8ba
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=23bad18cee7d47feb33799b7a023da2b; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=k7K4TR8W2gyUo49toATYtw-ykFDKtmlKX2jhK7iXS666Bz1EaqwR_AQTVoLIm2ow91GaXS0OgpjVX8HCVKATH1LmIBN69GHPQG8C9M1-2nXepPp_g53-3q7MnHMhmvoGjZ4dZmx6GqAUJdFvFbOgP1Fu0u-OEomgQ6NRvcOwxqsL7JhaWDzIm37LHg3bGs0UsrcK2-0MWHkNlAk_ZDApKJAHjDpexCmP&request_ab2=0&zoneid=3491150&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=62a792fe-c6fa-4fec-82bb-adaede8843e7&userId=32191bbe559f4f7b8a549117090b3f2f&m=link
139.45.197.243200 OK 1.8 kB URL HTTP/2 onmarshtompor.com/?rb=k7K4TR8W2gyUo49toATYtw-ykFDKtmlKX2jhK7iXS666Bz1EaqwR_AQTVoLIm2ow91GaXS0OgpjVX8HCVKATH1LmIBN69GHPQG8C9M1-2nXepPp_g53-3q7MnHMhmvoGjZ4dZmx6GqAUJdFvFbOgP1Fu0u-OEomgQ6NRvcOwxqsL7JhaWDzIm37LHg3bGs0UsrcK2-0MWHkNlAk_ZDApKJAHjDpexCmP&request_ab2=0&zoneid=3491150&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=62a792fe-c6fa-4fec-82bb-adaede8843e7&userId=32191bbe559f4f7b8a549117090b3f2f&m=link
IP 139.45.197.243:0
Hash 565cbe5e5ea38ca9a140d720d1c6b380
1dd4d7f94dbc73bbb733c7bd8405c416e11f400f
bc6130d04f4608e1144b29209bb84d0f6a8173b651517f3c19ced84885517cbb
GET /?rb=k7K4TR8W2gyUo49toATYtw-ykFDKtmlKX2jhK7iXS666Bz1EaqwR_AQTVoLIm2ow91GaXS0OgpjVX8HCVKATH1LmIBN69GHPQG8C9M1-2nXepPp_g53-3q7MnHMhmvoGjZ4dZmx6GqAUJdFvFbOgP1Fu0u-OEomgQ6NRvcOwxqsL7JhaWDzIm37LHg3bGs0UsrcK2-0MWHkNlAk_ZDApKJAHjDpexCmP&request_ab2=0&zoneid=3491150&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=62a792fe-c6fa-4fec-82bb-adaede8843e7&userId=32191bbe559f4f7b8a549117090b3f2f&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: application/json
x-trace-id: d89caa363e5cbb154aaf528dc8409a2b
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
oaidts=1674877973; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 04 Feb 2023 03:52:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1c7696072aa8c67d67f2c348dec00fe6
d04f3865e3a6a5c1636143c98a6b738bfa863767
000655de4ceccd09f9ca11c91ec61fb3387d640f1cc1822bc65a50f7a26925c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6229
Cache-Control: max-age=169075
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:52:53 GMT
Etag: "63d47533-117"
Expires: Mon, 30 Jan 2023 02:50:48 GMT
Last-Modified: Sat, 28 Jan 2023 01:06:59 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
104.22.32.172200 OK 12 kB URL HTTP/2 offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
IP 104.22.32.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fb6066747e1a495065815fb44fb9b41
c62f83dec41d2b508176f11784edc75db8dbb6f8
dca249be9c1aeee895ea79046856c178a1830f46a55cfc7f552b95b04eb3e5a6
GET /www/images/0fb6066747e1a495065815fb44fb9b41.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: image/png
content-length: 11899
last-modified: Thu, 25 Aug 2022 05:53:00 GMT
etag: "63070e3c-2e7b"
expires: Sat, 28 Jan 2023 12:16:14 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 56199
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906c72689b00a1c-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5029
Expires: Sat, 28 Jan 2023 05:16:42 GMT
Date: Sat, 28 Jan 2023 03:52:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5029
Expires: Sat, 28 Jan 2023 05:16:42 GMT
Date: Sat, 28 Jan 2023 03:52:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5029
Expires: Sat, 28 Jan 2023 05:16:42 GMT
Date: Sat, 28 Jan 2023 03:52:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5029
Expires: Sat, 28 Jan 2023 05:16:42 GMT
Date: Sat, 28 Jan 2023 03:52:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00zN6NcdSHaq-4mWQeizXw9SDgUZJOFnB_6dTo6skjlytfBuz8ud3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:57:22 GMT
age: 21331
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1a1e953f3f857726f15465313d082e5
1962e632f29d87d4f5455a29aa096eea057e15c0
a5b193f6de91c69c9e554f75dfa4a00f9cb8c47a26fdca61ed03ffe1dce7cc87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7637
x-amzn-requestid: f22c88bd-1eb9-47fa-aab1-95108b540f35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-D3HN1oAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b2-05068ae37469a90c2355b4ec;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 03aXePxD_sCOwoLYYvykhq0YDOjyTtuoljGYXU_7Wsue1dO-b7gnuw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:43 GMT
age: 21430
etag: "1962e632f29d87d4f5455a29aa096eea057e15c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 21367
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50175d32bf658166ca26db1633fdb95b
69bb6d345d73cd24fd33ad009cc1d3315e7d94e7
d3d3b551cc8b557a1f92a4d819cbb7ab618ef3fac9568f57513fb4905817dad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5092
x-amzn-requestid: 05cd1dc0-54b4-457a-83f6-5f774e65766f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwH_toAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3a038caa6435720711028ac9;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b8qwvqxTXSugeN2wjEA1e1E_bUeWOsEzMZOMHeX9FpCAVsRnltLhyw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:35 GMT
age: 21438
etag: "69bb6d345d73cd24fd33ad009cc1d3315e7d94e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: baf2eddf-03cc-4af7-b799-c2c68b90d7a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUf4sFUYoAMFg6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1ad04-696c5dd015428f7429a5ccec;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 22:28:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dI2BG_eOmY3zIev7w_cnkk-Cy3nkXPmxA2o6htVQzaFGJfl0g6Q_iw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 16:14:27 GMT
age: 41906
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yEFlWGi3J14JLA0l2h02VlIqV8opHesKP6GOvfoP5Tp0m7dOYDxIGA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:32 GMT
age: 21201
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg
139.45.197.153200 OK 20 kB URL HTTP/2 interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash d657d0b45c722c9203953e7fbb92fc33
e1ff29e4b8f1ea03d163e6a3c8f4d381cae5a3e2
40785963d6afef460b6d58db44d00d3bbed11a81f88e64e6a1b91d317b220d40
GET /contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D120165890%26z%3D5324394%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DekuOUtdRSEY-bvhuNUgFw5TMjenBVGhgiarpU4MAgp9nB1PIh7m40CM1n2lm1vmTerLUlgmmC8G3o675Z4C5J7cSoFKnKJTB765ciBu9XUW7kH3riPUnv5jxuwnCI359C2zNhUGjBQ0oUWDn86DVU4RD7fiQYCMkxTy8HRqoUM3HqGLDJZLK4iWzKhwJpqBEoGz8hdiS__SAuc6ZITHXJu8Z7223Z389JO0kxDIEaQusRuJNOCGOdIJ7AeU1l-xhynLfp4KTJFmrEmNT0MEf3VBt1sUGwEgQIlDgagpUiRonsQQ89BInL7bEa2kuvKQIEC6CwOpC565R7vo1_iHLwMsL6sSKtHUYBz_JeFi3L9ojWOPMpSxqbD6BRWBA9DyceiJlEWcP8aKqbi49vyPnheM8gzjwWsaNQ5J8jsGgcpRNK6jsbCtAokuEE--q43oo1GRhydgrqLOPk9g-0XiJVX71pyZg9SdHOk3FTXohJScnUBh0fszDrEqsOUKA3ynEj7HC96HMLnTNkNt1J0ppWKgKSvJRr1TwG1U3WMJJ_vO5frWccMeYaad1WtLj4d0TwXY07D3u9s2BSbohIpNuuQHBhSOwGA4gphtCZcd7DQSd4z2OWptrWEvfE5U5F5vEiDgQMKMmPhfKg4Gf5kRoWquE6wE%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D92629dda-7b84-4795-bfb0-2bf843e3848a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FDvLM2Va%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: image/jpeg
content-length: 19879
last-modified: Wed, 05 Oct 2022 17:04:55 GMT
vary: Accept-Encoding
etag: "633db937-4da7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bda1287a2cfcfdb3d1307f51166b69e
c2cab120270d422f74b68b1c73eff9024c826576
c192db50a7d43f457ca7e7388c69acc982861c8eb5d7eec4d686b416b2b09290
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C192DB50A7D43F457CA7E7388C69ACC982861C8EB5D7EEC4D686B416B2B09290"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5039
Expires: Sat, 28 Jan 2023 05:16:52 GMT
Date: Sat, 28 Jan 2023 03:52:53 GMT
Connection: keep-alive
interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg
139.45.197.153200 OK 63 kB URL HTTP/2 interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 9b2c293f4695bb8f89f5bdc53f2634e2
fda95c173965012fa72bd0386a0f1e4f0e5220fa
f7090a9b5e00f32721b1d83183b54e836e4237f6d407186327f7835caf3c265a
GET /contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D120165890%26z%3D5324394%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DekuOUtdRSEY-bvhuNUgFw5TMjenBVGhgiarpU4MAgp9nB1PIh7m40CM1n2lm1vmTerLUlgmmC8G3o675Z4C5J7cSoFKnKJTB765ciBu9XUW7kH3riPUnv5jxuwnCI359C2zNhUGjBQ0oUWDn86DVU4RD7fiQYCMkxTy8HRqoUM3HqGLDJZLK4iWzKhwJpqBEoGz8hdiS__SAuc6ZITHXJu8Z7223Z389JO0kxDIEaQusRuJNOCGOdIJ7AeU1l-xhynLfp4KTJFmrEmNT0MEf3VBt1sUGwEgQIlDgagpUiRonsQQ89BInL7bEa2kuvKQIEC6CwOpC565R7vo1_iHLwMsL6sSKtHUYBz_JeFi3L9ojWOPMpSxqbD6BRWBA9DyceiJlEWcP8aKqbi49vyPnheM8gzjwWsaNQ5J8jsGgcpRNK6jsbCtAokuEE--q43oo1GRhydgrqLOPk9g-0XiJVX71pyZg9SdHOk3FTXohJScnUBh0fszDrEqsOUKA3ynEj7HC96HMLnTNkNt1J0ppWKgKSvJRr1TwG1U3WMJJ_vO5frWccMeYaad1WtLj4d0TwXY07D3u9s2BSbohIpNuuQHBhSOwGA4gphtCZcd7DQSd4z2OWptrWEvfE5U5F5vEiDgQMKMmPhfKg4Gf5kRoWquE6wE%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D92629dda-7b84-4795-bfb0-2bf843e3848a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FDvLM2Va%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: image/jpeg
content-length: 63121
last-modified: Wed, 05 Oct 2022 17:04:52 GMT
vary: Accept-Encoding
etag: "633db934-f691"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da6d1131f8c9ad77c09853b9bc65a467
dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba
ea18b3e2c606aeb6128c798d0ce25827e7a630701a73248211b7d448805d2233
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 03:52:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:49:39 GMT
Expires: Wed, 01 Feb 2023 15:49:38 GMT
Etag: "dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba"
Cache-Control: max-age=388004,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7906c724192c0b31-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 892
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 28 Jan 2023 03:52:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
oaphoace.net/500/5292343?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 oaphoace.net/500/5292343?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5292343?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 88b9cec582793e75ddd399af916b4b01
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=999907290&z=5324394&b=16536118&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=ekuOUtdRSEY-bvhuNUgFw5TMjenBVGhgiarpU4MAgp9nB1PIh7m40CM1n2lm1vmTerLUlgmmC8G3o675Z4C5J7cSoFKnKJTB765ciBu9XUW7kH3riPUnv5jxuwnCI359C2zNhUGjBQ0oUWDn86DVU4RD7fiQYCMkxTy8HRqoUM3HqGLDJZLK4iWzKhwJpqBEoGz8hdiS__SAuc6ZITHXJu8Z7223Z389JO0kxDIEaQusRuJNOCGOdIJ7AeU1l-xhynLfp4KTJFmrEmNT0MEf3VBt1sUGwEgQIlDgagpUiRonsQQ89BInL7bEa2kuvKQIEC6CwOpC565R7vo1_iHLwMsL6sSKtHUYBz_JeFi3L9ojWOPMpSxqbD6BRWBA9DyceiJlEWcP8aKqbi49vyPnheM8gzjwWsaNQ5J8jsGgcpRNK6jsbCtAokuEE--q43oo1GRhydgrqLOPk9g-0XiJVX71pyZg9SdHOk3FTXohJScnUBh0fszDrEqsOUKA3ynEj7HC96HMLnTNkNt1J0ppWKgKSvJRr1TwG1U3WMJJ_vO5frWccMeYaad1WtLj4d0TwXY07D3u9s2BSbohIpNuuQHBhSOwGA4gphtCZcd7DQSd4z2OWptrWEvfE5U5F5vEiDgQMKMmPhfKg4Gf5kRoWquE6wE=&ruid=92629dda-7b84-4795-bfb0-2bf843e3848a&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=999907290&z=5324394&b=16536118&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=ekuOUtdRSEY-bvhuNUgFw5TMjenBVGhgiarpU4MAgp9nB1PIh7m40CM1n2lm1vmTerLUlgmmC8G3o675Z4C5J7cSoFKnKJTB765ciBu9XUW7kH3riPUnv5jxuwnCI359C2zNhUGjBQ0oUWDn86DVU4RD7fiQYCMkxTy8HRqoUM3HqGLDJZLK4iWzKhwJpqBEoGz8hdiS__SAuc6ZITHXJu8Z7223Z389JO0kxDIEaQusRuJNOCGOdIJ7AeU1l-xhynLfp4KTJFmrEmNT0MEf3VBt1sUGwEgQIlDgagpUiRonsQQ89BInL7bEa2kuvKQIEC6CwOpC565R7vo1_iHLwMsL6sSKtHUYBz_JeFi3L9ojWOPMpSxqbD6BRWBA9DyceiJlEWcP8aKqbi49vyPnheM8gzjwWsaNQ5J8jsGgcpRNK6jsbCtAokuEE--q43oo1GRhydgrqLOPk9g-0XiJVX71pyZg9SdHOk3FTXohJScnUBh0fszDrEqsOUKA3ynEj7HC96HMLnTNkNt1J0ppWKgKSvJRr1TwG1U3WMJJ_vO5frWccMeYaad1WtLj4d0TwXY07D3u9s2BSbohIpNuuQHBhSOwGA4gphtCZcd7DQSd4z2OWptrWEvfE5U5F5vEiDgQMKMmPhfKg4Gf5kRoWquE6wE=&ruid=92629dda-7b84-4795-bfb0-2bf843e3848a&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=999907290&z=5324394&b=16536118&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=ekuOUtdRSEY-bvhuNUgFw5TMjenBVGhgiarpU4MAgp9nB1PIh7m40CM1n2lm1vmTerLUlgmmC8G3o675Z4C5J7cSoFKnKJTB765ciBu9XUW7kH3riPUnv5jxuwnCI359C2zNhUGjBQ0oUWDn86DVU4RD7fiQYCMkxTy8HRqoUM3HqGLDJZLK4iWzKhwJpqBEoGz8hdiS__SAuc6ZITHXJu8Z7223Z389JO0kxDIEaQusRuJNOCGOdIJ7AeU1l-xhynLfp4KTJFmrEmNT0MEf3VBt1sUGwEgQIlDgagpUiRonsQQ89BInL7bEa2kuvKQIEC6CwOpC565R7vo1_iHLwMsL6sSKtHUYBz_JeFi3L9ojWOPMpSxqbD6BRWBA9DyceiJlEWcP8aKqbi49vyPnheM8gzjwWsaNQ5J8jsGgcpRNK6jsbCtAokuEE--q43oo1GRhydgrqLOPk9g-0XiJVX71pyZg9SdHOk3FTXohJScnUBh0fszDrEqsOUKA3ynEj7HC96HMLnTNkNt1J0ppWKgKSvJRr1TwG1U3WMJJ_vO5frWccMeYaad1WtLj4d0TwXY07D3u9s2BSbohIpNuuQHBhSOwGA4gphtCZcd7DQSd4z2OWptrWEvfE5U5F5vEiDgQMKMmPhfKg4Gf5kRoWquE6wE=&ruid=92629dda-7b84-4795-bfb0-2bf843e3848a&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=32191bbe559f4f7b8a549117090b3f2f; oaidts=1674877972
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: fb75b6b44cb9fa21bd7620467f2b665f
access-control-expose-headers: X-Sc
set-cookie: OAID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:53 GMT; secure; SameSite=None
oaidts=1674877972; expires=Sun, 28 Jan 2024 03:52:53 GMT; secure; SameSite=None
oaidvc=1; expires=Sun, 28 Jan 2024 03:52:53 GMT; secure; SameSite=None
CNT=1_v1_NlL8AAEAAAC5SwAA; expires=Sat, 28 Jan 2023 04:52:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
104.22.32.172200 OK 11 kB URL HTTP/2 offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP 104.22.32.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263
GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Sun, 29 Jan 2023 03:12:23 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2430
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906c728bac40a1c-ARN
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 03:45:20 GMT
expires: Sat, 28 Jan 2023 05:45:20 GMT
cache-control: public, max-age=7200
age: 453
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
oaphoace.net/500/5292343?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 1.3 kB URL HTTP/2 oaphoace.net/500/5292343?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash 12cb2517cccb794fee2d3c4b41f95e3f
d0c3ed196518d2222db1b083f896a4c4972d982b
904947f3c35ec61c5592b38cec42dfb893effab37fcb219d612815e518e93840
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5292343?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=23bad18cee7d47feb33799b7a023da2b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: application/javascript
x-trace-id: 057d023de57d408e89b76d3b405f239c
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 97ab6d405cc1780c2c469b3209ae840b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 586 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash f5663b139833f4a8e0066ac97b30d0d3
f7b0f69618c8a5d87603de62b6c68bd948e5197d
cbfc44c0dd839b503a89d290390e19f5409f38962dd8843124d7ec2a6e1beec0
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 28 Jan 2023 03:52:53 GMT
date: Sat, 28 Jan 2023 03:52:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1616778651&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FDvLM2Va&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=163932635&gjid=2004360859&cid=1750062054.1674877975&tid=UA-113561579-8&_gid=1862460538.1674877975&_r=1&_slc=1>m=2ou1p0&z=1975750267
216.239.34.178200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1616778651&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FDvLM2Va&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=163932635&gjid=2004360859&cid=1750062054.1674877975&tid=UA-113561579-8&_gid=1862460538.1674877975&_r=1&_slc=1>m=2ou1p0&z=1975750267
IP 216.239.34.178:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1616778651&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FDvLM2Va&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=163932635&gjid=2004360859&cid=1750062054.1674877975&tid=UA-113561579-8&_gid=1862460538.1674877975&_r=1&_slc=1>m=2ou1p0&z=1975750267 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://ckk.ai
date: Sat, 28 Jan 2023 03:52:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f1ecba7335bd2f6b6314d3c124b2023f
97fa1737398a106a4a5256f54d7f3ab428781071
572a1a7dc73b31b78d59352454fd04cc5f4b4274a0339f76f368ab3482e5c05d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 03:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 384199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
oaphoace.net/impression/4a9ph-w_SIPuHbu6eoXNxzlETuKq5aIjxqqF2vU02i1ICgRlW0XLV88jy_-I4pjvRAqZ6xCPj4eqMasroXbqpenqrZwk_tDKT-hTXrSnFaeG5Ul2WiZZo0YG_N6dsgeRtm_4_6X8BFner8AcIT51ExVw1h2R5NeanA8cZdd9Quqxu51-s1Nubo3RK8EhL9DjiMi1pVf-UU02MN0RdY-2mueCj4vF-mzYQVyQoMNwceJRdTqck40vpPr9umK8Hf7D6b_p5WxxSK6wu3x5W1Bw55tgeVoOezcTcGJpVxu9wl0H2mKrajtelkS_pdzdsw_ovKcav1wX2Ehry6MkuBj7j7T4XaHMIYNHNKHJWu__KpyUq9UqD-iReKKb_TVFJ9XfLGsWsbCrH32rQYrSchbMjqsdY3zmcWosMioJfhxS0HwReNh1LCJ02LKckwhTvNAeBqSKsNsYE6VXsWQLOW3k-HRG-hyRPgK6MjlhUw==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 oaphoace.net/impression/4a9ph-w_SIPuHbu6eoXNxzlETuKq5aIjxqqF2vU02i1ICgRlW0XLV88jy_-I4pjvRAqZ6xCPj4eqMasroXbqpenqrZwk_tDKT-hTXrSnFaeG5Ul2WiZZo0YG_N6dsgeRtm_4_6X8BFner8AcIT51ExVw1h2R5NeanA8cZdd9Quqxu51-s1Nubo3RK8EhL9DjiMi1pVf-UU02MN0RdY-2mueCj4vF-mzYQVyQoMNwceJRdTqck40vpPr9umK8Hf7D6b_p5WxxSK6wu3x5W1Bw55tgeVoOezcTcGJpVxu9wl0H2mKrajtelkS_pdzdsw_ovKcav1wX2Ehry6MkuBj7j7T4XaHMIYNHNKHJWu__KpyUq9UqD-iReKKb_TVFJ9XfLGsWsbCrH32rQYrSchbMjqsdY3zmcWosMioJfhxS0HwReNh1LCJ02LKckwhTvNAeBqSKsNsYE6VXsWQLOW3k-HRG-hyRPgK6MjlhUw==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/4a9ph-w_SIPuHbu6eoXNxzlETuKq5aIjxqqF2vU02i1ICgRlW0XLV88jy_-I4pjvRAqZ6xCPj4eqMasroXbqpenqrZwk_tDKT-hTXrSnFaeG5Ul2WiZZo0YG_N6dsgeRtm_4_6X8BFner8AcIT51ExVw1h2R5NeanA8cZdd9Quqxu51-s1Nubo3RK8EhL9DjiMi1pVf-UU02MN0RdY-2mueCj4vF-mzYQVyQoMNwceJRdTqck40vpPr9umK8Hf7D6b_p5WxxSK6wu3x5W1Bw55tgeVoOezcTcGJpVxu9wl0H2mKrajtelkS_pdzdsw_ovKcav1wX2Ehry6MkuBj7j7T4XaHMIYNHNKHJWu__KpyUq9UqD-iReKKb_TVFJ9XfLGsWsbCrH32rQYrSchbMjqsdY3zmcWosMioJfhxS0HwReNh1LCJ02LKckwhTvNAeBqSKsNsYE6VXsWQLOW3k-HRG-hyRPgK6MjlhUw==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=32191bbe559f4f7b8a549117090b3f2f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:57 GMT
content-type: image/gif
content-length: 43
x-trace-id: ea116b7a51cd45d2e9e1145fba032d0f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d04b173ecc22c619998bda87a8f9ce70
9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5
c30fbd2807e36b637bd1382a955c34abb4fe88b99173692530d288fff0986896
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8739
x-amzn-requestid: 77241ca1-d7d1-4133-bc06-e89a8db93aef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbANlFiSoAMFrcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44723-0b07156624f03d47665f2d4f;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9ZePVrD3oL-ImiMCCYYfuUbQ8l09Q-9F91cFRgSgFG2poVC5Ww4JaQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:57:22 GMT
age: 21338
etag: "9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
upgulpinon.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
IP 139.45.197.242:0
GET /27/dae1eb9bef878cda2f3d5a0907ef4d01 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=11717039ba6c49b69e51bccebbf6e652; oaidts=1674877972
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 27 Jan 2023 06:22:51 GMT
expires: Fri, 26 Feb 2083 06:22:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=32191bbe559f4f7b8a549117090b3f2f
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=32191bbe559f4f7b8a549117090b3f2f
IP 139.45.197.242:0
POST /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=32191bbe559f4f7b8a549117090b3f2f HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 52
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=11717039ba6c49b69e51bccebbf6e652; oaidts=1674877972
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: f71c12837997ef2254d1d6b3d94c0b5f
access-control-expose-headers: X-Sc
set-cookie: OAID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:53 GMT; secure; SameSite=None
oaidts=1674877972; expires=Sun, 28 Jan 2024 03:52:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddoan.club/apu.php?zoneid=5225632
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5225632
IP 139.45.197.236:0
GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: application/javascript
x-trace-id: 70f3a89545f165ce1c88aec3c5583c1c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9f68ac433561483ab576933d376c7707; expires=Sun, 28 Jan 2024 03:52:52 GMT; path=/; secure; SameSite=None
oaidts=1674877972; expires=Sun, 28 Jan 2024 03:52:52 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=607295534
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=607295534
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=607295534 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 7db343fcaa4531082c2429fd4db02cb3
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.141.224200 OK 0 B IP 172.67.141.224:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 03:52:52 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1195
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTp2tf0AbReX9jYlqnWdE92A1sC7tMipPNl4rICtW6Tt4deHRkkPYgm45upvSz12nGwjCaACDVywlG5qfjnOVgyR5WFTCzjkGxF%2FKR28DqI8nbemmjr7IbRaqXdL8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7906c7220b67b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.itskiddoan.club/?rb=yymYnAgNiNakDp_pSMXJHYW40lC_xY5FBUb3DXEJZIXB2osvU98pmy0skT3NE9z3jthbUd6kHnSJ00Ys37Ue24IGYoRf49gcOEB7V7I7aUm3m3uM7qGmfLMt-9P3tZT8SEua8xEfOjajUUOnltxOtP_tKKUxC0Zkfn7OBbI3Wnwv013g9ZEMsOj291wxXArnI77OSKVxPdvf3eqkOg2lAzPUxwsjQQDN&request_ab2=0&zoneid=5225632&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=77db6465-0492-4010-bc4c-215c8a6bc1b8&userId=32191bbe559f4f7b8a549117090b3f2f&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/?rb=yymYnAgNiNakDp_pSMXJHYW40lC_xY5FBUb3DXEJZIXB2osvU98pmy0skT3NE9z3jthbUd6kHnSJ00Ys37Ue24IGYoRf49gcOEB7V7I7aUm3m3uM7qGmfLMt-9P3tZT8SEua8xEfOjajUUOnltxOtP_tKKUxC0Zkfn7OBbI3Wnwv013g9ZEMsOj291wxXArnI77OSKVxPdvf3eqkOg2lAzPUxwsjQQDN&request_ab2=0&zoneid=5225632&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=77db6465-0492-4010-bc4c-215c8a6bc1b8&userId=32191bbe559f4f7b8a549117090b3f2f&m=link
IP 139.45.197.236:0
GET /?rb=yymYnAgNiNakDp_pSMXJHYW40lC_xY5FBUb3DXEJZIXB2osvU98pmy0skT3NE9z3jthbUd6kHnSJ00Ys37Ue24IGYoRf49gcOEB7V7I7aUm3m3uM7qGmfLMt-9P3tZT8SEua8xEfOjajUUOnltxOtP_tKKUxC0Zkfn7OBbI3Wnwv013g9ZEMsOj291wxXArnI77OSKVxPdvf3eqkOg2lAzPUxwsjQQDN&request_ab2=0&zoneid=5225632&js_build=iclick-v1.474.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.474.0&bs=77db6465-0492-4010-bc4c-215c8a6bc1b8&userId=32191bbe559f4f7b8a549117090b3f2f&m=link HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=9f68ac433561483ab576933d376c7707; oaidts=1674877972
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: application/json
x-trace-id: b6da35961c2246b11c49683566d380d4
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
oaidts=1674877973; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 04 Feb 2023 03:52:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D120165890%26z%3D5324394%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DekuOUtdRSEY-bvhuNUgFw5TMjenBVGhgiarpU4MAgp9nB1PIh7m40CM1n2lm1vmTerLUlgmmC8G3o675Z4C5J7cSoFKnKJTB765ciBu9XUW7kH3riPUnv5jxuwnCI359C2zNhUGjBQ0oUWDn86DVU4RD7fiQYCMkxTy8HRqoUM3HqGLDJZLK4iWzKhwJpqBEoGz8hdiS__SAuc6ZITHXJu8Z7223Z389JO0kxDIEaQusRuJNOCGOdIJ7AeU1l-xhynLfp4KTJFmrEmNT0MEf3VBt1sUGwEgQIlDgagpUiRonsQQ89BInL7bEa2kuvKQIEC6CwOpC565R7vo1_iHLwMsL6sSKtHUYBz_JeFi3L9ojWOPMpSxqbD6BRWBA9DyceiJlEWcP8aKqbi49vyPnheM8gzjwWsaNQ5J8jsGgcpRNK6jsbCtAokuEE--q43oo1GRhydgrqLOPk9g-0XiJVX71pyZg9SdHOk3FTXohJScnUBh0fszDrEqsOUKA3ynEj7HC96HMLnTNkNt1J0ppWKgKSvJRr1TwG1U3WMJJ_vO5frWccMeYaad1WtLj4d0TwXY07D3u9s2BSbohIpNuuQHBhSOwGA4gphtCZcd7DQSd4z2OWptrWEvfE5U5F5vEiDgQMKMmPhfKg4Gf5kRoWquE6wE%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D92629dda-7b84-4795-bfb0-2bf843e3848a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FDvLM2Va%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.153200 OK 0 B URL HTTP/2 interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D120165890%26z%3D5324394%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DekuOUtdRSEY-bvhuNUgFw5TMjenBVGhgiarpU4MAgp9nB1PIh7m40CM1n2lm1vmTerLUlgmmC8G3o675Z4C5J7cSoFKnKJTB765ciBu9XUW7kH3riPUnv5jxuwnCI359C2zNhUGjBQ0oUWDn86DVU4RD7fiQYCMkxTy8HRqoUM3HqGLDJZLK4iWzKhwJpqBEoGz8hdiS__SAuc6ZITHXJu8Z7223Z389JO0kxDIEaQusRuJNOCGOdIJ7AeU1l-xhynLfp4KTJFmrEmNT0MEf3VBt1sUGwEgQIlDgagpUiRonsQQ89BInL7bEa2kuvKQIEC6CwOpC565R7vo1_iHLwMsL6sSKtHUYBz_JeFi3L9ojWOPMpSxqbD6BRWBA9DyceiJlEWcP8aKqbi49vyPnheM8gzjwWsaNQ5J8jsGgcpRNK6jsbCtAokuEE--q43oo1GRhydgrqLOPk9g-0XiJVX71pyZg9SdHOk3FTXohJScnUBh0fszDrEqsOUKA3ynEj7HC96HMLnTNkNt1J0ppWKgKSvJRr1TwG1U3WMJJ_vO5frWccMeYaad1WtLj4d0TwXY07D3u9s2BSbohIpNuuQHBhSOwGA4gphtCZcd7DQSd4z2OWptrWEvfE5U5F5vEiDgQMKMmPhfKg4Gf5kRoWquE6wE%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D92629dda-7b84-4795-bfb0-2bf843e3848a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FDvLM2Va%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.153:0
GET /?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D120165890%26z%3D5324394%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DekuOUtdRSEY-bvhuNUgFw5TMjenBVGhgiarpU4MAgp9nB1PIh7m40CM1n2lm1vmTerLUlgmmC8G3o675Z4C5J7cSoFKnKJTB765ciBu9XUW7kH3riPUnv5jxuwnCI359C2zNhUGjBQ0oUWDn86DVU4RD7fiQYCMkxTy8HRqoUM3HqGLDJZLK4iWzKhwJpqBEoGz8hdiS__SAuc6ZITHXJu8Z7223Z389JO0kxDIEaQusRuJNOCGOdIJ7AeU1l-xhynLfp4KTJFmrEmNT0MEf3VBt1sUGwEgQIlDgagpUiRonsQQ89BInL7bEa2kuvKQIEC6CwOpC565R7vo1_iHLwMsL6sSKtHUYBz_JeFi3L9ojWOPMpSxqbD6BRWBA9DyceiJlEWcP8aKqbi49vyPnheM8gzjwWsaNQ5J8jsGgcpRNK6jsbCtAokuEE--q43oo1GRhydgrqLOPk9g-0XiJVX71pyZg9SdHOk3FTXohJScnUBh0fszDrEqsOUKA3ynEj7HC96HMLnTNkNt1J0ppWKgKSvJRr1TwG1U3WMJJ_vO5frWccMeYaad1WtLj4d0TwXY07D3u9s2BSbohIpNuuQHBhSOwGA4gphtCZcd7DQSd4z2OWptrWEvfE5U5F5vEiDgQMKMmPhfKg4Gf5kRoWquE6wE%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D92629dda-7b84-4795-bfb0-2bf843e3848a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FDvLM2Va%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=bG4srkV-hXiX3ozONN5o3r6DqgXtEdsTOegO3iTnuwc; expires=Sat, 28-Jan-2023 04:52:53 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
forfrogadiertor.com/500/5533285?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/5533285?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5533285?excludes=&oaid=32191bbe559f4f7b8a549117090b3f2f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDvLM2Va&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=d00edbc8e6794ee98feb8f0c4683d803
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 03:52:53 GMT
content-type: application/javascript
x-trace-id: 246b60e3abb44cb0170f4695f8f349dd
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=32191bbe559f4f7b8a549117090b3f2f; expires=Sun, 28 Jan 2024 03:52:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2