ckk.ai/Cambiar_res
188.114.96.1301 Moved Permanently 0 B IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Cambiar_res HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Feb 2023 03:04:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Feb 2023 04:04:16 GMT
Location: https://ckk.ai/Cambiar_res
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mE60QLLAMLWGxCJGq%2BMXQ4JF43wqMDN2iOInNISLxw2qFfTR2bqDwkHQDSHce9yFKv73HP1wcHqFKLnrX6IaWahmB3jiW3FijlgpA8op%2FSMdLp7TmrKG0A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7969606d5dde0b49-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5196
Expires: Thu, 09 Feb 2023 04:30:52 GMT
Date: Thu, 09 Feb 2023 03:04:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13088
Expires: Thu, 09 Feb 2023 06:42:24 GMT
Date: Thu, 09 Feb 2023 03:04:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 02:34:15 GMT
content-type: application/json
age: 1801
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 22d59b71b62a8e23ef41fe26a629c1ab
1b4abc4e3caba62cdec457ff14137226369febc0
489591d30edc98ad5b6cdaf7bf7968aed1c94f9d6cf392aab122acdc004eb59d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2763
Cache-Control: max-age=110555
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:16 GMT
Etag: "63e364c0-118"
Expires: Fri, 10 Feb 2023 09:46:51 GMT
Last-Modified: Wed, 08 Feb 2023 09:00:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14676
Expires: Thu, 09 Feb 2023 07:08:52 GMT
Date: Thu, 09 Feb 2023 03:04:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UVa4Bu1AvuJeWHuKiSj5uVffcSiKbgnvl77mHZym7dLf2g1FzXQXM/4oi4L6o9OgQDMHghvBOVp2uRy/wI2rIA==
x-amz-request-id: R92JNDTKZT5EWMNJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 02:36:11 GMT
age: 1685
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:16 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 02:14:53 GMT
age: 2963
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 22d59b71b62a8e23ef41fe26a629c1ab
1b4abc4e3caba62cdec457ff14137226369febc0
489591d30edc98ad5b6cdaf7bf7968aed1c94f9d6cf392aab122acdc004eb59d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2764
Cache-Control: max-age=110555
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:17 GMT
Etag: "63e364c0-118"
Expires: Fri, 10 Feb 2023 09:46:52 GMT
Last-Modified: Wed, 08 Feb 2023 09:00:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14429
Expires: Thu, 09 Feb 2023 07:04:46 GMT
Date: Thu, 09 Feb 2023 03:04:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 37 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6aca6a72f1e251a11b83fc4010bdad
85f11c18c5bebfbabf6fa091d2ee8145c34f1b3d
1cb1f99f5b0ca838601df698c8866b60ce1841af24271a28de385065d1145a7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE1DD79EBD522BAE0E2846E07B869F2567BC2D267482A6B218A60847DEA32CC8"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=152
Expires: Thu, 09 Feb 2023 03:06:49 GMT
Date: Thu, 09 Feb 2023 03:04:17 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.217.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.217.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9Ei3Is9jgUUgjB4WbzZSDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XA6T0y6ECBCyYkRLD8bS2DLodeg=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 67 kB IP 216.58.211.3:0
Hash 2dc9a44a3c7fdd24417f6490d7104569
934e9c412f039f03543ae16e15436a3aa19224b0
1fd0b95336c8fe85ba9ffa2da595dd3931501e20d4dc9aacf9854f76bf498ea8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 352ed444b5f62dd0ec566f8f7a504590
70232bb65c6537552a8938c91a717434df6ec14f
fe87dc9d6758e52ebc181a8dc1e85cf028154e4f0abe203ca7817f7f5aa5648f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 337
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:17 GMT
Last-Modified: Thu, 09 Feb 2023 02:58:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b33442988672fe0e1767f513368091b
4c11b9e3320fbe5e99e63ee932dca42fb6b637b3
493ef6a005e1c3b9d0d6d9e4d053dcc9e83d345bac2e455e374fa01e1aaa835f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "493EF6A005E1C3B9D0D6D9E4D053DCC9E83D345BAC2E455E374FA01E1AAA835F"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6051
Expires: Thu, 09 Feb 2023 04:45:08 GMT
Date: Thu, 09 Feb 2023 03:04:17 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-113561579-8
216.58.207.200200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-113561579-8
IP 216.58.207.200:0
File type ASCII text, with very long lines (1759)
Hash 994087b5e95a608d0ad9b3ed85c72bf8
017699ad007be94268662e5443c7e6a12a63c909
5876e9ad8caf75c313a9d66ce895a252601507c7775d84e8b09e53c5d37e82fc
GET /gtag/js?id=UA-113561579-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 03:04:17 GMT
expires: Thu, 09 Feb 2023 03:04:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trustbummler.com/tSXyF1oQpqC/14504
23.109.87.15200 OK 25 B URL HTTP/1.1 trustbummler.com/tSXyF1oQpqC/14504
IP 23.109.87.15:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tSXyF1oQpqC/14504 HTTP/1.1
Host: trustbummler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 03:04:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Fri, 10-Feb-2023 03:04:17 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Fri, 10-Feb-2023 03:04:17 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c74e9f147de7d62e78277d819ede0751
627a1f1790ed308c084954f02edde1d8bc1f8cd3
ae5558becb7b757ec4c00f843f2bb67ae9e8c40524bf4ca0c48a1084570a13c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE5558BECB7B757EC4C00F843F2BB67AE9E8C40524BF4CA0C48A1084570A13C9"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3868
Expires: Thu, 09 Feb 2023 04:08:45 GMT
Date: Thu, 09 Feb 2023 03:04:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dbf582e903bd49cfa4c6138b6d2c55c
9044ce1bc01f69c597d8e232f182be6e2dce332a
5432c3e629212cc4ac10005b34854941c2618d87f96b931e788fa5283a36d00c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5432C3E629212CC4AC10005B34854941C2618D87F96B931E788FA5283A36D00C"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4920
Expires: Thu, 09 Feb 2023 04:26:17 GMT
Date: Thu, 09 Feb 2023 03:04:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e1d5127d2540d2c8156f87515584e74
ddd35171578cfdb7559123b8e908071363a0c251
3be544c25495301a00d40ec072b02b6340944caef55a114c781df9009027f4c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BE544C25495301A00D40EC072B02B6340944CAEF55A114C781DF9009027F4C0"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Thu, 09 Feb 2023 04:55:18 GMT
Date: Thu, 09 Feb 2023 03:04:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f32addc23634c5f55fdd92c9f6d11e8
76f1d272abe4599e132cdcda6211703574d34024
646dcc0838b646cf96a628ecf41b2a7ef50657868d2679c692984f82d046c9d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "646DCC0838B646CF96A628ECF41B2A7EF50657868D2679C692984F82D046C9D3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7133
Expires: Thu, 09 Feb 2023 05:03:10 GMT
Date: Thu, 09 Feb 2023 03:04:17 GMT
Connection: keep-alive
forfrogadiertor.com/400/5533285
139.45.197.239200 OK 32 kB URL HTTP/2 forfrogadiertor.com/400/5533285
IP 139.45.197.239:0
Hash 36cbb80e156419603aa007e6e2b55c8b
245c9c5fd6708ec8e95f2d817f656f2da862d492
1343dd7c1f979862b9c5e78c05bf9a85ffd9098ccc9537dab52445eff0020ec3
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5533285 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:17 GMT
content-type: application/javascript
x-trace-id: cc829776017d512aceed4b764a8241a4
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b1decf625ffc45feb63216ab0bdba18a; expires=Fri, 09 Feb 2024 03:04:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba3d899907172e4aeae10c88b291d291
6d4c1b35bb51da4d6ac0e742d2de61e4d858ba7b
37abe5054b2db14ed0f7e62bbc90a4e9cf1655f112976c41800009fb4d27589e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37ABE5054B2DB14ED0F7E62BBC90A4E9CF1655F112976C41800009FB4D27589E"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4842
Expires: Thu, 09 Feb 2023 04:25:00 GMT
Date: Thu, 09 Feb 2023 03:04:18 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 0018ac7b3931613108ac5f3b7bf7485d
c8e85c3214ffaaf48d833dcd34e1130c70608839
b2c68bc3e7b3935c7ee138cb7b96f88e594f62d9da4ff874e678a82305448b4c
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b274ad9680df4776bfc688cf96360dd6; expires=Fri, 09 Feb 2024 03:04:18 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b274ad9680df4776bfc688cf96360dd6
139.45.197.242204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b274ad9680df4776bfc688cf96360dd6
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b274ad9680df4776bfc688cf96360dd6 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5b1b993523163323b6a569da7eb55c47
f0e6b63b23125aab1eb608664e58ecddfefb7dd8
ec0a03bcaa80fc111a90f16589e849b4e9ee9a89b084cc5caa30103361edff24
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:04:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 15:49:38 GMT
Expires: Wed, 15 Feb 2023 15:49:37 GMT
Etag: "f0e6b63b23125aab1eb608664e58ecddfefb7dd8"
Cache-Control: max-age=563718,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796960799e8b1c0e-OSL
forfrogadiertor.com/500/5533285?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/5533285?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5533285?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1171
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 09 Feb 2023 03:04:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6657bba96c516bd2ec6e55339e1fc95
a3eb624638dacf67bb0bf02b5edd9c1c6b2fe13b
ff7288fb49e683f6a0e559771dd8bcc9a329ed2be0ff2da049a1860d5d9e632b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF7288FB49E683F6A0E559771DD8BCC9A329ED2BE0FF2DA049A1860D5D9E632B"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Thu, 09 Feb 2023 05:11:39 GMT
Date: Thu, 09 Feb 2023 03:04:18 GMT
Connection: keep-alive
upgulpinon.com/11?rnd=1472409741&z=5324394&b=14505326&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=b6L1_8WugDSAEs2XE9GreGxFJ_YkEeVV3pKAANqHrY0tPpcJUhLnECVjqnvugLv6QqPDYOEv8veSmpi1VXId03jrPxF1bCCFji2lXSUYOjd5q_uGrZpQRF25FDRgmpL-pcJi64048PQuqOwjPs1w2TBr-ZvzomJG5FuFAqbf-8EBQwrmBJFduyuJHA2AS27PwbGOO9dhMnWyLk1o1PJoERFqXXQL0SSQ1oDTXBUEAzlNINnjQtdqlCLS68M2kvHODk_jYH513sR69V41t4ssjkA2CAL8mFfUObt6PNbbV-5CdByb90nhBcWn4m_nnvag5cW-eDvczy2DQ_6LVC_irq8EjXu5pWsKA1MZY6WtQWGh1Bq4mH2EDvUuYT5jOJfXVwK9RlSyvCwVdivCSdEC6gSSsmIRRnl0s7qAgQQyQdNdHT0st44zPlqgfSoeA2Cz7d64YI1HvhQBuT3pxchJsWIixBFALOJfdzL_JtPBoRpbXCIwQ9xzX8wybiq1xKZfnCdK0j-fPEtaw7mQZXMVAEy17x1qZOE71_jyG4fnSTfCoUscIPx2-O0lXJ22nSJOit4Ug5lkutCAATEMu8aNPakd0VDBfcB3FxDLyQrd2VANn3iNepHKXJvkmpBLk4a3-N687uDolNkV1vwYwjdAogRzF9ohbxdRWIiBol-N3LrrxPgFvYIqRGHb7Po=&ruid=62bcdfbb-7076-4eb2-9855-dab589d5200e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=217
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=1472409741&z=5324394&b=14505326&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=b6L1_8WugDSAEs2XE9GreGxFJ_YkEeVV3pKAANqHrY0tPpcJUhLnECVjqnvugLv6QqPDYOEv8veSmpi1VXId03jrPxF1bCCFji2lXSUYOjd5q_uGrZpQRF25FDRgmpL-pcJi64048PQuqOwjPs1w2TBr-ZvzomJG5FuFAqbf-8EBQwrmBJFduyuJHA2AS27PwbGOO9dhMnWyLk1o1PJoERFqXXQL0SSQ1oDTXBUEAzlNINnjQtdqlCLS68M2kvHODk_jYH513sR69V41t4ssjkA2CAL8mFfUObt6PNbbV-5CdByb90nhBcWn4m_nnvag5cW-eDvczy2DQ_6LVC_irq8EjXu5pWsKA1MZY6WtQWGh1Bq4mH2EDvUuYT5jOJfXVwK9RlSyvCwVdivCSdEC6gSSsmIRRnl0s7qAgQQyQdNdHT0st44zPlqgfSoeA2Cz7d64YI1HvhQBuT3pxchJsWIixBFALOJfdzL_JtPBoRpbXCIwQ9xzX8wybiq1xKZfnCdK0j-fPEtaw7mQZXMVAEy17x1qZOE71_jyG4fnSTfCoUscIPx2-O0lXJ22nSJOit4Ug5lkutCAATEMu8aNPakd0VDBfcB3FxDLyQrd2VANn3iNepHKXJvkmpBLk4a3-N687uDolNkV1vwYwjdAogRzF9ohbxdRWIiBol-N3LrrxPgFvYIqRGHb7Po=&ruid=62bcdfbb-7076-4eb2-9855-dab589d5200e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=217
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1472409741&z=5324394&b=14505326&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=b6L1_8WugDSAEs2XE9GreGxFJ_YkEeVV3pKAANqHrY0tPpcJUhLnECVjqnvugLv6QqPDYOEv8veSmpi1VXId03jrPxF1bCCFji2lXSUYOjd5q_uGrZpQRF25FDRgmpL-pcJi64048PQuqOwjPs1w2TBr-ZvzomJG5FuFAqbf-8EBQwrmBJFduyuJHA2AS27PwbGOO9dhMnWyLk1o1PJoERFqXXQL0SSQ1oDTXBUEAzlNINnjQtdqlCLS68M2kvHODk_jYH513sR69V41t4ssjkA2CAL8mFfUObt6PNbbV-5CdByb90nhBcWn4m_nnvag5cW-eDvczy2DQ_6LVC_irq8EjXu5pWsKA1MZY6WtQWGh1Bq4mH2EDvUuYT5jOJfXVwK9RlSyvCwVdivCSdEC6gSSsmIRRnl0s7qAgQQyQdNdHT0st44zPlqgfSoeA2Cz7d64YI1HvhQBuT3pxchJsWIixBFALOJfdzL_JtPBoRpbXCIwQ9xzX8wybiq1xKZfnCdK0j-fPEtaw7mQZXMVAEy17x1qZOE71_jyG4fnSTfCoUscIPx2-O0lXJ22nSJOit4Ug5lkutCAATEMu8aNPakd0VDBfcB3FxDLyQrd2VANn3iNepHKXJvkmpBLk4a3-N687uDolNkV1vwYwjdAogRzF9ohbxdRWIiBol-N3LrrxPgFvYIqRGHb7Po=&ruid=62bcdfbb-7076-4eb2-9855-dab589d5200e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=217 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=b274ad9680df4776bfc688cf96360dd6; oaidts=1675911857
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: d5215c5b19201ffbb3dac865e66fa640
access-control-expose-headers: X-Sc
set-cookie: OAID=b274ad9680df4776bfc688cf96360dd6; expires=Fri, 09 Feb 2024 03:04:18 GMT; secure; SameSite=None
oaidts=1675911857; expires=Fri, 09 Feb 2024 03:04:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
cdn.itskiddoan.club/?rb=akWnS5ElfMCx0HBOG_oSMKjzW1G4gfHfPmY54o5BaHYwd862ynTH98i96MS34XQ0Kp6fBPTNzu8AWTHEnit1CDKDMiYPy4mlgf_xlMQP8FsA16WXeoduz2B3IdscXhOuCgm-nxgJYBAeSi2fXXrUGR5hEW8mfzRd9M03ji2YtDzDXnOoxlbfx0CONLKh2fzB9D-YGaAwvjkEpUb4lDEQGVIYN06uVLaF&request_ab2=0&zoneid=5225632&js_build=iclick-v1.483.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.483.0&bs=32780859-f46e-4d7b-a10f-8184aaba2bc7&userId=b274ad9680df4776bfc688cf96360dd6&m=link
139.45.197.236200 OK 1.9 kB URL HTTP/2 cdn.itskiddoan.club/?rb=akWnS5ElfMCx0HBOG_oSMKjzW1G4gfHfPmY54o5BaHYwd862ynTH98i96MS34XQ0Kp6fBPTNzu8AWTHEnit1CDKDMiYPy4mlgf_xlMQP8FsA16WXeoduz2B3IdscXhOuCgm-nxgJYBAeSi2fXXrUGR5hEW8mfzRd9M03ji2YtDzDXnOoxlbfx0CONLKh2fzB9D-YGaAwvjkEpUb4lDEQGVIYN06uVLaF&request_ab2=0&zoneid=5225632&js_build=iclick-v1.483.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.483.0&bs=32780859-f46e-4d7b-a10f-8184aaba2bc7&userId=b274ad9680df4776bfc688cf96360dd6&m=link
IP 139.45.197.236:0
Hash 07292d54df3d71f8852f48efeba5305b
45df05ebedcbf46a13a066074671b3886332ee71
d0eab53972cea129a5e002a3317de1519fa31a2420804005cac423a14e180830
GET /?rb=akWnS5ElfMCx0HBOG_oSMKjzW1G4gfHfPmY54o5BaHYwd862ynTH98i96MS34XQ0Kp6fBPTNzu8AWTHEnit1CDKDMiYPy4mlgf_xlMQP8FsA16WXeoduz2B3IdscXhOuCgm-nxgJYBAeSi2fXXrUGR5hEW8mfzRd9M03ji2YtDzDXnOoxlbfx0CONLKh2fzB9D-YGaAwvjkEpUb4lDEQGVIYN06uVLaF&request_ab2=0&zoneid=5225632&js_build=iclick-v1.483.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.483.0&bs=32780859-f46e-4d7b-a10f-8184aaba2bc7&userId=b274ad9680df4776bfc688cf96360dd6&m=link HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=16f2d3ede20c4cf48f70bb2b3c651e65; oaidts=1675911857
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: application/json
x-trace-id: 7131e4839d40a998ed8a91f3e1dfa4dc
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b274ad9680df4776bfc688cf96360dd6; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
oaidts=1675911858; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 16 Feb 2023 03:04:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e37dc31edee8f8b6cc4af35a9c65cb69
b02a50ac826fd43647ad063fb6a11c83db9b9317
81cb8d491f9d622da335d720890ae9ee0825a798febb968c2612b6df945a4e9b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2912
Cache-Control: max-age=168668
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:18 GMT
Etag: "63e4472e-118"
Expires: Sat, 11 Feb 2023 01:55:26 GMT
Last-Modified: Thu, 09 Feb 2023 01:06:54 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3528
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:04:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3528
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:04:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3528
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:04:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10fd2f55fa0cfb8616ded6ddc2bb511a
996ed68f1b9770a19a97f6c8d359e338b8c8b3ca
e552d31a5e531386b9830bb58486f09bfcb3400676f726f93fdbea08336a09da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 658f8678-b67d-4f98-b728-cf9cbad3aa86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ABI38GUpIAMFY0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e38832-2ab19d0f2345fc7515775298;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 11:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBM94J-bP0KLv3VUKHBQcndevBxzLc1rQ27Mc4Z_C-CGOyCH_FlKDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:14:59 GMT
age: 30692
etag: "996ed68f1b9770a19a97f6c8d359e338b8c8b3ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ed633b05ccadc8b87e83413641f1ef
aafed39990cf6a3391d53355085d816167a500fa
c9202e36b231d0a9a9cba1ff8f570e5b0fbba215eb6b28e3989fd442ee7f5835
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8717
x-amzn-requestid: dbb8b5a2-d3f6-42e2-8778-da19de081cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2c0LHaiIAMF5cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df41b4-309b6b1f651f68453dd52f55;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 05:42:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hBfl0rPzn_iOD9xRlc236_IEvyGlK5WteH1y4cd0aYxlFzd3RVfgkQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:47 GMT
age: 19291
etag: "aafed39990cf6a3391d53355085d816167a500fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
104.22.33.172200 OK 66 kB URL HTTP/2 offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
IP 104.22.33.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d08aacb36c7474e0d13b60f8f4adc14
e4af2de372b5e3a2211579a5973ef7ed160e7be4
54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: image/png
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Fri, 10 Feb 2023 00:38:51 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 8727
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7969607cbe16f14a-ARN
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:24:16 GMT
age: 67202
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: c3dabd4b-797b-4bbe-8824-5f502ff477b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2aG-IoAMFfnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf5-68de905b2ed5bfe46a87e688;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AX-TsURes3Bn0RrAnH7TnsouJdkcOpbq7f7KAzPMWq4RMBH8FWMz7g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 17:45:22 GMT
age: 33536
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 403cadd5f6beb14f5d2a4dd9eafc68d3
4724b4929c1afcc134ead274238725e4ce729b26
13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:08:52 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 17726
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 087325c404f5b0b8e1bc800c167d6213
da37e1568089cf3536a8fe8304623694b7897326
a21b9844ebaac9fb408fc4d557badfbff0715cee7b5f3c8b9c628cdd1286dbe6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4928
x-amzn-requestid: 6f2d290e-118c-47f8-9804-440b6fad05e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f86gZEhHIAMFX5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1d79b-3bac9dcf09ea66fc4f04abbe;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 04:46:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wctSz3UwyRPsJCr9NfQDidMAMn0Wl13VP2Jt0C1nfVFKqKqiDnu_nA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:20:58 GMT
age: 17000
etag: "da37e1568089cf3536a8fe8304623694b7897326"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oaphoace.net/500/5292343?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 oaphoace.net/500/5292343?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5292343?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg
139.45.197.151200 OK 20 kB URL HTTP/2 interstitial-07.com/contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg
IP 139.45.197.151:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash f533c93ff5b28ce50b1e6b9a5843d9f4
5483d2e7294716667f86cb07ad337e7b54409484
8037f98d491aa24e53a11eadf7cdc588d4a134b289955acca1f298379702ce81
GET /contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D3857072411%26z%3D5324394%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Db6L1_8WugDSAEs2XE9GreGxFJ_YkEeVV3pKAANqHrY0tPpcJUhLnECVjqnvugLv6QqPDYOEv8veSmpi1VXId03jrPxF1bCCFji2lXSUYOjd5q_uGrZpQRF25FDRgmpL-pcJi64048PQuqOwjPs1w2TBr-ZvzomJG5FuFAqbf-8EBQwrmBJFduyuJHA2AS27PwbGOO9dhMnWyLk1o1PJoERFqXXQL0SSQ1oDTXBUEAzlNINnjQtdqlCLS68M2kvHODk_jYH513sR69V41t4ssjkA2CAL8mFfUObt6PNbbV-5CdByb90nhBcWn4m_nnvag5cW-eDvczy2DQ_6LVC_irq8EjXu5pWsKA1MZY6WtQWGh1Bq4mH2EDvUuYT5jOJfXVwK9RlSyvCwVdivCSdEC6gSSsmIRRnl0s7qAgQQyQdNdHT0st44zPlqgfSoeA2Cz7d64YI1HvhQBuT3pxchJsWIixBFALOJfdzL_JtPBoRpbXCIwQ9xzX8wybiq1xKZfnCdK0j-fPEtaw7mQZXMVAEy17x1qZOE71_jyG4fnSTfCoUscIPx2-O0lXJ22nSJOit4Ug5lkutCAATEMu8aNPakd0VDBfcB3FxDLyQrd2VANn3iNepHKXJvkmpBLk4a3-N687uDolNkV1vwYwjdAogRzF9ohbxdRWIiBol-N3LrrxPgFvYIqRGHb7Po%3D%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D62bcdfbb-7076-4eb2-9855-dab589d5200e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FCambiar_res%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: image/jpeg
content-length: 20112
last-modified: Wed, 19 Jan 2022 15:54:56 GMT
vary: Accept-Encoding
etag: "61e83450-4e90"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg
139.45.197.151200 OK 52 kB URL HTTP/2 interstitial-07.com/contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg
IP 139.45.197.151:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 5e9b98c047812bb48d9b12a9d78bb7ba
a55f54b8b3cc2cc1a76e9a13979e007961d59fa4
7410b691e0099ec4f7bf23af1234f23e6823b0fa973366ccb472844c4b782fdd
GET /contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D3857072411%26z%3D5324394%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Db6L1_8WugDSAEs2XE9GreGxFJ_YkEeVV3pKAANqHrY0tPpcJUhLnECVjqnvugLv6QqPDYOEv8veSmpi1VXId03jrPxF1bCCFji2lXSUYOjd5q_uGrZpQRF25FDRgmpL-pcJi64048PQuqOwjPs1w2TBr-ZvzomJG5FuFAqbf-8EBQwrmBJFduyuJHA2AS27PwbGOO9dhMnWyLk1o1PJoERFqXXQL0SSQ1oDTXBUEAzlNINnjQtdqlCLS68M2kvHODk_jYH513sR69V41t4ssjkA2CAL8mFfUObt6PNbbV-5CdByb90nhBcWn4m_nnvag5cW-eDvczy2DQ_6LVC_irq8EjXu5pWsKA1MZY6WtQWGh1Bq4mH2EDvUuYT5jOJfXVwK9RlSyvCwVdivCSdEC6gSSsmIRRnl0s7qAgQQyQdNdHT0st44zPlqgfSoeA2Cz7d64YI1HvhQBuT3pxchJsWIixBFALOJfdzL_JtPBoRpbXCIwQ9xzX8wybiq1xKZfnCdK0j-fPEtaw7mQZXMVAEy17x1qZOE71_jyG4fnSTfCoUscIPx2-O0lXJ22nSJOit4Ug5lkutCAATEMu8aNPakd0VDBfcB3FxDLyQrd2VANn3iNepHKXJvkmpBLk4a3-N687uDolNkV1vwYwjdAogRzF9ohbxdRWIiBol-N3LrrxPgFvYIqRGHb7Po%3D%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D62bcdfbb-7076-4eb2-9855-dab589d5200e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FCambiar_res%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: image/jpeg
content-length: 51805
last-modified: Wed, 19 Jan 2022 15:54:55 GMT
vary: Accept-Encoding
etag: "61e8344f-ca5d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47114ee8db62314101353ef87c610f04
9f676acb42eeb3fc2808d2100f1411d7cc3ef239
cd1ca767877e877c1555495006b3422f2605e701a081550b6e1899a4b244a0c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD1CA767877E877C1555495006B3422F2605E701A081550B6E1899A4B244A0C9"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16508
Expires: Thu, 09 Feb 2023 07:39:26 GMT
Date: Thu, 09 Feb 2023 03:04:18 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Feb 2023 01:45:20 GMT
expires: Thu, 09 Feb 2023 03:45:20 GMT
cache-control: public, max-age=7200
age: 4738
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 4d1dca32e3545ac56e41b5b595ad3dd1
72a19cb29c537f3fe7167ef285eb1f5211e3c08a
f875e38df46822a20c6d5aab4eea973c86e7a253d724e73c94dd485e14b474fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 584 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 1c85a36998a092d37c3b8ce77bfe8f0e
ed157ea89b61501303c4cab5078676be9ecaa2f9
693af892a5ec0e0c91ecb568effdace49dac9fe828242cce46776dbeb8270967
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 09 Feb 2023 03:04:18 GMT
date: Thu, 09 Feb 2023 03:04:18 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=469931966&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FCambiar_res&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=420733938&gjid=1559493310&cid=989256436.1675911916&tid=UA-113561579-8&_gid=848673201.1675911916&_r=1>m=457e3280&z=860251755
216.239.32.178200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=469931966&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FCambiar_res&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=420733938&gjid=1559493310&cid=989256436.1675911916&tid=UA-113561579-8&_gid=848673201.1675911916&_r=1>m=457e3280&z=860251755
IP 216.239.32.178:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j99&a=469931966&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FCambiar_res&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=420733938&gjid=1559493310&cid=989256436.1675911916&tid=UA-113561579-8&_gid=848673201.1675911916&_r=1>m=457e3280&z=860251755 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://ckk.ai
date: Thu, 09 Feb 2023 03:04:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 4d1dca32e3545ac56e41b5b595ad3dd1
72a19cb29c537f3fe7167ef285eb1f5211e3c08a
f875e38df46822a20c6d5aab4eea973c86e7a253d724e73c94dd485e14b474fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1d7a65a54e6cb59057b756fafabc10ab
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ckk.ai/Cambiar_res
188.114.97.1200 OK 125 kB IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63100), with CRLF, LF line terminators
Size 125 kB (125394 bytes)
Hash 4300e0b02ac85920338e0918dc7766ec
8e519556f84faef50e212f5c2b67f63e1e1057e4
51f82f7988ef132a1ef9f49a7675752e996440291be54f80290e2f13867c9100
GET /Cambiar_res HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:04:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=1ceb907276ee1d9bf3aa2cd9061fd6c9; path=/; HttpOnly; secure
refCambiar_res=YTAwZDQ3YzlkNDYxZTdiODA5MzUyZjY5MTg1MGYwYzQ5OWUxOTQ4YTliNDI1NDZmOWQ4ZTIxNTA3YjIwN2Q0OFzX%2FgUJwUmf1A5LIem6A0lyZ%2FAIFzIG9M9IHyeJOwZq; expires=Thu, 09-Feb-2023 03:09:14 GMT; Max-Age=300; path=/; HttpOnly; secure
csrfToken=c5962bcd6e445d2fbf007bf2a5fbce180c754a72591e5ef84f9b28fc0cb6d7cadf5266071f03e2081ade1c874b25c91c9285db0acf3da15964379cb2899468b7; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sao%2B1F5K17iG5sW71RPlyh%2BvDHCjyRhBUUddHveNV1O2VGsxjSYo7hT60IuFI2UXKL4SjVCyhabFNSVGe%2B1BPDrX3tyZ7FJUe2NdeILeEugocaSAeAsVtps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7969606f8f25b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
oaphoace.net/500/5292343?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 975 B URL HTTP/2 oaphoace.net/500/5292343?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1200), with no line terminators
Hash 400b29a4ffb550a20481c497ff6a4bda
69383b590d46bf5f0cc3b78a8afabf97f81ef700
94986fc7ba548e71c5ca5065efa58e539af964d9df6c4c67ab76f7029632b847
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5292343?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=987997566b7a41d496bc38e6e99303c8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: application/javascript
x-trace-id: 5edea0e9b1d165dc3f8f83f7dd6cc9f0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b274ad9680df4776bfc688cf96360dd6; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:53:11 GMT
expires: Wed, 07 Feb 2024 08:53:11 GMT
cache-control: public, max-age=31536000
age: 151867
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:04:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
104.22.33.172200 OK 11 kB URL HTTP/2 offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263
GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:04:19 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Thu, 09 Feb 2023 03:22:28 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 85311
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7969607f2ecff14a-ARN
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 03:04:19 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4d79c052353d8a55ccbe0cdddb7005af
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
oaphoace.net/impression/6icjvibXrrVbVkndimYJDMBuX-h7eEzNLzlUvYVaIAxNf7Eh32QJJuUF6QH6Ztiv9ROHxci4kKnma0WQ4ICS_2fqdocVQvwXq7FAz8cyJl6REL1kIjbWyV2SPJpkX8jjJAH2tLTtooGSYYIEmsxiDz3lFXPaiwePfGBpz6D8o9Ej1_sn0hjAW5OKQXSv8DH0OHktFnKBYgmMnNeP_eY20aq5jbbgSVmrg1u0v31RKICv833hXQNUGKyJ0kdgtbdiePiwHomR6d_g3dNAXnq0irHV3xCKZ_uUW-HrRU_JxwMUGcU2ADWzGueRUJaO_tzMQUM1pAsAvFtPjtLr1KPBXPfl2a8eHJHPFJI0awvsGQBGj1e3gR0RP8v7b-Q91kdnqIUYPM_c8OjmngaeeBpt0CccrFLiJxeHJueC-52ViuU3lfxau9aFjQjmCHGPmoxXw1dYJcIKLPNJzq_jx49QaVcu9pkj4TxTI8pLTdX19qyP1VBPRIZVBpYQRWtnh95cRlT-AFB0vEu6QdMYbyn93gqVd4LRSXZs1_uXj3sXWUXW7oj6VX2ak85uop3UpqkfMqstuWofNtI=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 oaphoace.net/impression/6icjvibXrrVbVkndimYJDMBuX-h7eEzNLzlUvYVaIAxNf7Eh32QJJuUF6QH6Ztiv9ROHxci4kKnma0WQ4ICS_2fqdocVQvwXq7FAz8cyJl6REL1kIjbWyV2SPJpkX8jjJAH2tLTtooGSYYIEmsxiDz3lFXPaiwePfGBpz6D8o9Ej1_sn0hjAW5OKQXSv8DH0OHktFnKBYgmMnNeP_eY20aq5jbbgSVmrg1u0v31RKICv833hXQNUGKyJ0kdgtbdiePiwHomR6d_g3dNAXnq0irHV3xCKZ_uUW-HrRU_JxwMUGcU2ADWzGueRUJaO_tzMQUM1pAsAvFtPjtLr1KPBXPfl2a8eHJHPFJI0awvsGQBGj1e3gR0RP8v7b-Q91kdnqIUYPM_c8OjmngaeeBpt0CccrFLiJxeHJueC-52ViuU3lfxau9aFjQjmCHGPmoxXw1dYJcIKLPNJzq_jx49QaVcu9pkj4TxTI8pLTdX19qyP1VBPRIZVBpYQRWtnh95cRlT-AFB0vEu6QdMYbyn93gqVd4LRSXZs1_uXj3sXWUXW7oj6VX2ak85uop3UpqkfMqstuWofNtI=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/6icjvibXrrVbVkndimYJDMBuX-h7eEzNLzlUvYVaIAxNf7Eh32QJJuUF6QH6Ztiv9ROHxci4kKnma0WQ4ICS_2fqdocVQvwXq7FAz8cyJl6REL1kIjbWyV2SPJpkX8jjJAH2tLTtooGSYYIEmsxiDz3lFXPaiwePfGBpz6D8o9Ej1_sn0hjAW5OKQXSv8DH0OHktFnKBYgmMnNeP_eY20aq5jbbgSVmrg1u0v31RKICv833hXQNUGKyJ0kdgtbdiePiwHomR6d_g3dNAXnq0irHV3xCKZ_uUW-HrRU_JxwMUGcU2ADWzGueRUJaO_tzMQUM1pAsAvFtPjtLr1KPBXPfl2a8eHJHPFJI0awvsGQBGj1e3gR0RP8v7b-Q91kdnqIUYPM_c8OjmngaeeBpt0CccrFLiJxeHJueC-52ViuU3lfxau9aFjQjmCHGPmoxXw1dYJcIKLPNJzq_jx49QaVcu9pkj4TxTI8pLTdX19qyP1VBPRIZVBpYQRWtnh95cRlT-AFB0vEu6QdMYbyn93gqVd4LRSXZs1_uXj3sXWUXW7oj6VX2ak85uop3UpqkfMqstuWofNtI=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=b274ad9680df4776bfc688cf96360dd6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:22 GMT
content-type: image/gif
content-length: 43
x-trace-id: 9f18a6888e435ed13c71c5bf3216688c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
upgulpinon.com/27/90f7f588ad5892e2821c323c80d6c1b6
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/27/90f7f588ad5892e2821c323c80d6c1b6
IP 139.45.197.242:0
GET /27/90f7f588ad5892e2821c323c80d6c1b6 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=7119a01507a64458affcd309e80653b7; oaidts=1675911857
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:17 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Wed, 08 Feb 2023 07:51:08 GMT
expires: Wed, 10 Mar 2083 07:51:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
oaphoace.net/401/5292343
139.45.197.239200 OK 0 B IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5292343 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: application/javascript
x-trace-id: 5ba79d94b06bf35031c5444e81b371a9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=987997566b7a41d496bc38e6e99303c8; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=5NkemsOr1f67nIls7qxYjjElptS5JfoGVUF3vr8uEza-r_wdBAi89GYzgv7WF3IZT1sYSb80tPCnEuBVJOhwDM324DL9zh2_KOb-QL2pMXfmpWonohmTDT7aq_ngPL8O67R4EwN8hPzBa6dOIn0nVDPK4X2_H1E3bgdVoKl6PWZbHOW8gErQk5m0MVvXwnXv8djG9Hzn_qu9wC5yzH1y6deS4c_nhi6x&request_ab2=0&zoneid=3491150&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=b3ca6451-3a69-4908-a704-d1276f138662&userId=b274ad9680df4776bfc688cf96360dd6&m=link
139.45.197.243200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=5NkemsOr1f67nIls7qxYjjElptS5JfoGVUF3vr8uEza-r_wdBAi89GYzgv7WF3IZT1sYSb80tPCnEuBVJOhwDM324DL9zh2_KOb-QL2pMXfmpWonohmTDT7aq_ngPL8O67R4EwN8hPzBa6dOIn0nVDPK4X2_H1E3bgdVoKl6PWZbHOW8gErQk5m0MVvXwnXv8djG9Hzn_qu9wC5yzH1y6deS4c_nhi6x&request_ab2=0&zoneid=3491150&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=b3ca6451-3a69-4908-a704-d1276f138662&userId=b274ad9680df4776bfc688cf96360dd6&m=link
IP 139.45.197.243:0
GET /?rb=5NkemsOr1f67nIls7qxYjjElptS5JfoGVUF3vr8uEza-r_wdBAi89GYzgv7WF3IZT1sYSb80tPCnEuBVJOhwDM324DL9zh2_KOb-QL2pMXfmpWonohmTDT7aq_ngPL8O67R4EwN8hPzBa6dOIn0nVDPK4X2_H1E3bgdVoKl6PWZbHOW8gErQk5m0MVvXwnXv8djG9Hzn_qu9wC5yzH1y6deS4c_nhi6x&request_ab2=0&zoneid=3491150&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=b3ca6451-3a69-4908-a704-d1276f138662&userId=b274ad9680df4776bfc688cf96360dd6&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: application/json
x-trace-id: 867b7d1e8b33d19c30c3a2b55fdf80a5
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b274ad9680df4776bfc688cf96360dd6; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
oaidts=1675911858; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 16 Feb 2023 03:04:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=962995028
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=962995028
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=962995028 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 77c224864e008055b4958beabda839f6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.89.122200 OK 0 B IP 104.21.89.122:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:04:17 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:52 GMT
etag: W/"63dd36bc-43b7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsnZsTDtPi48RHu%2B1nORqRAhM8mgqw0G6sfpiy15DB%2Fmql%2BmbRe2yTN7pwtje8EflezlAE%2BRODoFkYT7GRl57%2F7jjjPhipujDIdfWqDPiUFV9Qy%2FAD%2FroFAP7S8klQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79696077c8591c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.itskiddoan.club/apu.php?zoneid=5225632
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5225632
IP 139.45.197.236:0
GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:17 GMT
content-type: application/javascript
x-trace-id: 9a243ba391532005dce21a2bde5b7394
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=16f2d3ede20c4cf48f70bb2b3c651e65; expires=Fri, 09 Feb 2024 03:04:17 GMT; path=/; secure; SameSite=None
oaidts=1675911857; expires=Fri, 09 Feb 2024 03:04:17 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=5535659
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5535659
IP 139.45.197.236:0
GET /apu.php?zoneid=5535659 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:17 GMT
content-type: application/javascript
x-trace-id: ff54353e615624b53255816706577652
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ba3307c35cd942ab817cb28ef2599994; expires=Fri, 09 Feb 2024 03:04:17 GMT; path=/; secure; SameSite=None
oaidts=1675911857; expires=Fri, 09 Feb 2024 03:04:17 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
forfrogadiertor.com/500/5533285?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/5533285?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5533285?excludes=&oaid=b274ad9680df4776bfc688cf96360dd6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=b1decf625ffc45feb63216ab0bdba18a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: application/javascript
x-trace-id: 844ff210d52c953b7e9c6a2ace58938d
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b274ad9680df4776bfc688cf96360dd6; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.482.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.482.0
IP 139.45.197.234:0
GET /5/3491150/?oo=1&js_build=iclick-v1.482.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: application/json
x-trace-id: b873552f3df9d69fe4850fe621a65819
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=438ba806579a435495692d21490aa5ae; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
oaidts=1675911858; expires=Fri, 09 Feb 2024 03:04:18 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b274ad9680df4776bfc688cf96360dd6
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b274ad9680df4776bfc688cf96360dd6
IP 139.45.197.242:0
POST /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FCambiar_res&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b274ad9680df4776bfc688cf96360dd6 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 52
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=7119a01507a64458affcd309e80653b7; oaidts=1675911857
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 2054e817ec55ba6c97a97a8631fa1e22
access-control-expose-headers: X-Sc
set-cookie: OAID=b274ad9680df4776bfc688cf96360dd6; expires=Fri, 09 Feb 2024 03:04:18 GMT; secure; SameSite=None
oaidts=1675911857; expires=Fri, 09 Feb 2024 03:04:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/1?z=5324394
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/1?z=5324394
IP 139.45.197.242:0
GET /1?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:17 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: e3f2f58c3bf544b7db047fc3d532d224
access-control-expose-headers: X-Sc
x-sc: n6J_kjmE2tEUM3it2NIPIG5LpjxMVbrkoxsHLUyjtM6zDNSJ2HpyFSbPGYiyBQiroZlA1vlJWatGH_fbMH_c1dJCd2Q=
set-cookie: scm=1; expires=Fri, 09 Feb 2024 03:04:17 GMT; secure; SameSite=None
OAID=7119a01507a64458affcd309e80653b7; expires=Fri, 09 Feb 2024 03:04:17 GMT; secure; SameSite=None
oaidts=1675911857; expires=Fri, 09 Feb 2024 03:04:17 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D3857072411%26z%3D5324394%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Db6L1_8WugDSAEs2XE9GreGxFJ_YkEeVV3pKAANqHrY0tPpcJUhLnECVjqnvugLv6QqPDYOEv8veSmpi1VXId03jrPxF1bCCFji2lXSUYOjd5q_uGrZpQRF25FDRgmpL-pcJi64048PQuqOwjPs1w2TBr-ZvzomJG5FuFAqbf-8EBQwrmBJFduyuJHA2AS27PwbGOO9dhMnWyLk1o1PJoERFqXXQL0SSQ1oDTXBUEAzlNINnjQtdqlCLS68M2kvHODk_jYH513sR69V41t4ssjkA2CAL8mFfUObt6PNbbV-5CdByb90nhBcWn4m_nnvag5cW-eDvczy2DQ_6LVC_irq8EjXu5pWsKA1MZY6WtQWGh1Bq4mH2EDvUuYT5jOJfXVwK9RlSyvCwVdivCSdEC6gSSsmIRRnl0s7qAgQQyQdNdHT0st44zPlqgfSoeA2Cz7d64YI1HvhQBuT3pxchJsWIixBFALOJfdzL_JtPBoRpbXCIwQ9xzX8wybiq1xKZfnCdK0j-fPEtaw7mQZXMVAEy17x1qZOE71_jyG4fnSTfCoUscIPx2-O0lXJ22nSJOit4Ug5lkutCAATEMu8aNPakd0VDBfcB3FxDLyQrd2VANn3iNepHKXJvkmpBLk4a3-N687uDolNkV1vwYwjdAogRzF9ohbxdRWIiBol-N3LrrxPgFvYIqRGHb7Po%3D%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D62bcdfbb-7076-4eb2-9855-dab589d5200e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FCambiar_res%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.151200 OK 0 B URL HTTP/2 interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D3857072411%26z%3D5324394%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Db6L1_8WugDSAEs2XE9GreGxFJ_YkEeVV3pKAANqHrY0tPpcJUhLnECVjqnvugLv6QqPDYOEv8veSmpi1VXId03jrPxF1bCCFji2lXSUYOjd5q_uGrZpQRF25FDRgmpL-pcJi64048PQuqOwjPs1w2TBr-ZvzomJG5FuFAqbf-8EBQwrmBJFduyuJHA2AS27PwbGOO9dhMnWyLk1o1PJoERFqXXQL0SSQ1oDTXBUEAzlNINnjQtdqlCLS68M2kvHODk_jYH513sR69V41t4ssjkA2CAL8mFfUObt6PNbbV-5CdByb90nhBcWn4m_nnvag5cW-eDvczy2DQ_6LVC_irq8EjXu5pWsKA1MZY6WtQWGh1Bq4mH2EDvUuYT5jOJfXVwK9RlSyvCwVdivCSdEC6gSSsmIRRnl0s7qAgQQyQdNdHT0st44zPlqgfSoeA2Cz7d64YI1HvhQBuT3pxchJsWIixBFALOJfdzL_JtPBoRpbXCIwQ9xzX8wybiq1xKZfnCdK0j-fPEtaw7mQZXMVAEy17x1qZOE71_jyG4fnSTfCoUscIPx2-O0lXJ22nSJOit4Ug5lkutCAATEMu8aNPakd0VDBfcB3FxDLyQrd2VANn3iNepHKXJvkmpBLk4a3-N687uDolNkV1vwYwjdAogRzF9ohbxdRWIiBol-N3LrrxPgFvYIqRGHb7Po%3D%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D62bcdfbb-7076-4eb2-9855-dab589d5200e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FCambiar_res%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.151:0
GET /?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D3857072411%26z%3D5324394%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Db6L1_8WugDSAEs2XE9GreGxFJ_YkEeVV3pKAANqHrY0tPpcJUhLnECVjqnvugLv6QqPDYOEv8veSmpi1VXId03jrPxF1bCCFji2lXSUYOjd5q_uGrZpQRF25FDRgmpL-pcJi64048PQuqOwjPs1w2TBr-ZvzomJG5FuFAqbf-8EBQwrmBJFduyuJHA2AS27PwbGOO9dhMnWyLk1o1PJoERFqXXQL0SSQ1oDTXBUEAzlNINnjQtdqlCLS68M2kvHODk_jYH513sR69V41t4ssjkA2CAL8mFfUObt6PNbbV-5CdByb90nhBcWn4m_nnvag5cW-eDvczy2DQ_6LVC_irq8EjXu5pWsKA1MZY6WtQWGh1Bq4mH2EDvUuYT5jOJfXVwK9RlSyvCwVdivCSdEC6gSSsmIRRnl0s7qAgQQyQdNdHT0st44zPlqgfSoeA2Cz7d64YI1HvhQBuT3pxchJsWIixBFALOJfdzL_JtPBoRpbXCIwQ9xzX8wybiq1xKZfnCdK0j-fPEtaw7mQZXMVAEy17x1qZOE71_jyG4fnSTfCoUscIPx2-O0lXJ22nSJOit4Ug5lkutCAATEMu8aNPakd0VDBfcB3FxDLyQrd2VANn3iNepHKXJvkmpBLk4a3-N687uDolNkV1vwYwjdAogRzF9ohbxdRWIiBol-N3LrrxPgFvYIqRGHb7Po%3D%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D62bcdfbb-7076-4eb2-9855-dab589d5200e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FCambiar_res%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:04:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=_OmVJF3a3VhrJ4C9rRTaCiZg2Rkzt_tMz8BONsHnXys; expires=Thu, 09-Feb-2023 04:04:18 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2