evweinviw.com/WPMM8BgZ
104.21.6.137301 Moved Permanently 0 B IP 104.21.6.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WPMM8BgZ HTTP/1.1
Host: evweinviw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 07:43:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Feb 2023 08:43:01 GMT
Location: https://evweinviw.com/WPMM8BgZ
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDMO1ypODYgi507JzEuWIVaPR%2FApChwfD87Ni5lA9vbA8dc7WB3HF6KHjwx3j6mUVnx154gEJlcXlamrrij8vktttDR5%2B3mYXKAxOodPLAwzAXkhYdV2eFAd3wrx2BdO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7962bb628cf30b49-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16489
Expires: Wed, 08 Feb 2023 12:17:50 GMT
Date: Wed, 08 Feb 2023 07:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7232
Expires: Wed, 08 Feb 2023 09:43:33 GMT
Date: Wed, 08 Feb 2023 07:43:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7979
Expires: Wed, 08 Feb 2023 09:56:00 GMT
Date: Wed, 08 Feb 2023 07:43:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 07:34:12 GMT
content-type: application/json
age: 529
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dl6OntJ84qFWDW02wpeu3UMd/LEuG58U8W625ClGOUoIMPnh5TdQdgVHbc7NcZrR6jZBovlCEsxZ5/m4U8RFuQ==
x-amz-request-id: 1YYWCYFPHGJDSDSP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 07:35:51 GMT
age: 430
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59a0be1e357e52f94aebc54f04e04d49
a5d08a95475f21b65f82c1a319f65918aa255932
8a1933eff34e7bc5b66c6946456445eb514353ef46379efac50c5c9e333b4a63
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8A1933EFF34E7BC5B66C6946456445EB514353EF46379EFAC50C5C9E333B4A63"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Wed, 08 Feb 2023 13:42:17 GMT
Date: Wed, 08 Feb 2023 07:43:01 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59a0be1e357e52f94aebc54f04e04d49
a5d08a95475f21b65f82c1a319f65918aa255932
8a1933eff34e7bc5b66c6946456445eb514353ef46379efac50c5c9e333b4a63
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8A1933EFF34E7BC5B66C6946456445EB514353EF46379EFAC50C5C9E333B4A63"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Wed, 08 Feb 2023 13:42:17 GMT
Date: Wed, 08 Feb 2023 07:43:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 06:51:20 GMT
age: 3102
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash a0f625d612b29e5ce14287caa92842bb
1db1733da8986a1754554785d805967faeeea979
450cf0617ce885a2106aa6fb0ebf76899fd6f05ded678e16da7ff6d0fe187c64
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:43:02 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 15:45:50 GMT
Expires: Sun, 12 Feb 2023 15:45:49 GMT
Etag: "1db1733da8986a1754554785d805967faeeea979"
Cache-Control: max-age=373966,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7962bb66d9290b49-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16788
Expires: Wed, 08 Feb 2023 12:22:50 GMT
Date: Wed, 08 Feb 2023 07:43:02 GMT
Connection: keep-alive
news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
Analyzer Verdict Alert fortinet Phishing
GET /revopush.js?v=4 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
193.108.118.121200 OK 28 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e3e21c5b9c6ce63a37f2840472fb7cd7
4c4a38a942ae2aee024225ced1d0c08af441d07b
60eb9863c4425aca9829c975a003ecc54fde71d556a0485456656352c2f59102
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60EB9863C4425ACA9829C975A003ECC54FDE71D556A0485456656352C2F59102"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11111
Expires: Wed, 08 Feb 2023 10:48:13 GMT
Date: Wed, 08 Feb 2023 07:43:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.88.112.71101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.112.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1huVjky6s1E85la5oIzjlQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n3vTsPXlGRVxbvpavR8n/bNvTJw=
errors.house/js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js
144.76.158.184200 OK 1.9 kB URL HTTP/1.1 errors.house/js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js
IP 144.76.158.184:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (512)
Hash 80932f4dcde89b05c9a4e8f491d1137a
790824b7aee301fa9a3794fa34b7cef37a88f730
9a0262ebf8e5fcb4028b6ea0876c9e06270170be66a752a08dd4acdfa6ca7b93
GET /js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news-civuse.com
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:02 GMT
Content-Type: text/javascript
Content-Length: 1855
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
Surrogate-Key: project/3 sdk/7.15.0 sdk-loader
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
193.108.118.121200 OK 8.2 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 09a3857817c56da56ca915546555bb33
4eef039030de077e7e63d2894f7d0951b1e137c8
44b605c2a3dcc7994d49fb945c6731ed8f03fc7154ab70f7c805c5b6e810e07f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:03 GMT
age: 7654110
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.15.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.15.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (61994)
Hash 630573cba95f68cf0b327187fb13c020
d43f4f70268aa019fc4d2627cd477864dc291271
ece93676dd48b988b7f480f72442e66e243ed2d1a5989ed742687391c1f21ef6
GET /7.15.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news-civuse.com
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 08:56:47 GMT
last-modified: Mon, 10 Oct 2022 12:23:16 GMT
etag: "630573cba95f68cf0b327187fb13c020"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:03 GMT
age: 5957176
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20163
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=13260
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=17421
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg
205.185.208.60200 OK 13 kB URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg
IP 205.185.208.60:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 258x145, components 3\012- data
Hash dce82d44b4b11da45323c7fb3d48f2e8
1f89ba9a7c5f9bb914f4d9a8546119f68f7ddcfc
71035bfb92d2af8dd1b035d0b27b853e08adfc90b0c248d1ce3a131cf7631601
GET /m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 07:43:03 GMT
etag: "1576646962"
content-length: 13332
content-type: image/jpeg
last-modified: Wed, 18 Dec 2019 05:29:22 GMT
accept-ranges: bytes
cache-control: max-age=10377942
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds240.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=20259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=1577
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=5484
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=23824
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=12683
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 1.news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 1.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
GET /revopush.js?v=4 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
193.108.118.121200 OK 28 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 44 kB URL HTTP/2 news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 38faff69cd8157ed3c0a0d868e68a2a9
5465ed29ad1a94d1e814320d62fee0f3c0601ebc
daf4345390a416fed7687b23a7315b2beab514067e1107b99882c65b1821d6eb
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=13260
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=20259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=1577
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=5484
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=12683
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=17421
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=23824
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
144.76.158.184429 Too Many Requests 162 B URL HTTP/1.1 errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP 144.76.158.184:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae
POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://news-civuse.com
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 11 kB URL HTTP/2 news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 993e7043a962b3932dbc23eeb842d357
aa911dc217366213b25b4d82293e95f9a1cf1bea
3bd131dc259f18b82d398ff06da63ccaeaa9629a58540fe2d566746dc3870ff8
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 31 kB URL HTTP/2 1.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 7a99c8fc412370c6736820f33c83172b
6c1e1f2e34817deddde513881baed016f93915e6
daeb19f236c7dc9a9e71849ce1f50bcd14db5338d4d311ba208d7c655b2f0120
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 6.2 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 26c8a9c9a1b5ae6f4479f3df9e14bac0
1faff49e20c35bae164207fdd234c150e3b5de7f
fb2e52f3679422ed27b5dcb937ed9f397806020bcf0cad9ce74be11b4cf86bb7
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 13 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 04ad7b45329d2c0b103522c2619e9658
5d58ee7f7ac86608fc3c3bd6f5b12226327e3110
f1131e38ca67ceca2a036f87d46d0a052ea50d38eed4469994a9bb1d1046b69a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 10 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 892b6aac57c35ab1a1ccf4f554a8b6c8
0807fde7c08a64d3702fae411805c075fa14dc05
5f2461ebdb1f50b6bce05d34298ad810a00146d7abc81e709bfec5a32b05894f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 20 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash bb61327c12be2131e4fd39667e1625b1
5652ad34726013866f350def02135c7244f8d82a
9a0ca42d0939591140b9678cbbfd84cfc026ee9a0c0dd3aa9b0aa8fef5089f99
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 1.news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=13260
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=20259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=1577
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=5484
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=12683
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=17421
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=23824
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 317 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash f6d27652a67d020ef95fc90618634887
78b7aea766f85b3156a79229d08c76961a89868a
01fa6be9f50fe1bfa7fe7d8fdec1c05a13fdbca931bb1752f2f4a4b83922df78
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:43:03 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 14:16:14 GMT
Expires: Sun, 12 Feb 2023 14:16:13 GMT
Etag: "78b7aea766f85b3156a79229d08c76961a89868a"
Cache-Control: max-age=368589,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7962bb6e7f660b49-OSL
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
193.108.118.121200 OK 7.5 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 4a29a7232d0715bebf86fff347173ec8
e5d508580d5d8309f5cde536bf499dda3ba4de5d
5b0c059250ed6f96788447c04b80ec6b313860d7b68ec5ae0b45543abfe704f0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:03 GMT
age: 7654111
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02fde25be5ded120af759d19d8304f73
8d2a4d9ab5947113ce0737d4d4bed3e30a971026
7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GIAPTJF7sfpuubLSngEDMrowvBWW5c1xRlyVf7PQ3o6rGWdFITVioA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:15:10 GMT
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
age: 34073
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:09:02 GMT
age: 12841
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C1EXSLUCdc9GzSKxUzv9_uWK4ZTqggdr03uVW5SWuZwVVSn2wc4k7w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 35942
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 42 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 30863b433c65bed32643bf79a5f8a735
da64e4140b22da8be785ef7e01039d520c744319
97f0466c303f66ae6f0bd29eae5c750399be033ddb4229264790f7a2e4eda68f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33b061f03be149fea0df63b42a8ec226
e5e491c6ef8b6234450a34ee5df28b9a58a8ad43
a5970bbb40be173878cd2e920bd1a6ed27775fbdc222bb66ccbc5969984882f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: df152b3a-fa15-4dac-96f9-41b9ea8e5136
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkQH5PoAMFl1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c481-63636a42419209fb0c17eceb;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViawdcUij4_pKnUmO34Oaqjmbtv19ModMaku0MWYTHDeLCR1ikzB_A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 36060
etag: "e5e491c6ef8b6234450a34ee5df28b9a58a8ad43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 14:35:27 GMT
age: 61656
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 2.news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 2.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
GET /revopush.js?v=4 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
144.76.158.184429 Too Many Requests 162 B URL HTTP/1.1 errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP 144.76.158.184:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae
POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 135
Origin: https://1.news-civuse.com
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:04 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
193.108.118.121200 OK 28 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=13259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=20258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=1576
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=5483
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=12682
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=17420
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=23823
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 32 kB URL HTTP/2 2.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 47237e0c30d0fedab08abc260a22ce46
cb0bfad358135ae703e0355bed5826cba160da8a
0385523da1cd345081b9aacc6c0d827da2a04b3db93b3c16cf1e42ee577c7472
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
193.108.118.121200 OK 10 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 0b9dd427f672286e6afbe41793e5efbc
19b5221de0b657c39420189b17af7fa2fda8d4c5
b5fa54c80bbadde42e85a5e8d6fd55ea324109c5e585feca9258870a47e71ffc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 2.news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=13259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=20258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=1576
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=5483
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=12682
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=17420
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=23823
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
193.108.118.121200 OK 8.2 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 09a3857817c56da56ca915546555bb33
4eef039030de077e7e63d2894f7d0951b1e137c8
44b605c2a3dcc7994d49fb945c6731ed8f03fc7154ab70f7c805c5b6e810e07f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:04 GMT
age: 7654111
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/favicon.png
193.108.118.121200 OK 1.2 kB URL HTTP/2 2.news-civuse.com/lands/38/favicon.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 3.news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 3.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
GET /revopush.js?v=4 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 36 kB URL HTTP/2 2.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 792eec61ff2516f9e786d63e1086ac07
92aa320e035635fc6842dff713aee3dbde67655c
0c01c10aa97cf140dec14a12cf6892d696a781ea8034142ddb506ee7b576a31b
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
193.108.118.121200 OK 28 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
12 kB URL 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP :0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 40 kB URL HTTP/2 3.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a5a035d418f1c98c6dd1b5311cc8389d
67e9a9e08fa1c82fd668377d5a5d198750b8d18b
771f9b800926e9262eec139cfc221518c857ce6eebd67215e892ad29decd411f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=13259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 11 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a0bd8fc4369589e155458ef80626040b
1bca34e4cf03de587d454580868a132b0957b873
160cca693a3e0a0a865b6c811a4a2e49983b06f3454d50bcb883e5dcc7137b48
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=1576
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
193.108.118.121200 OK 39 kB URL HTTP/2 2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 0c8661a8942115404d9e13649d92dd18
45ccb507a41f9be8c71a597833da469f6e4b458c
bb03c89e87299b9ae58e93d4e2fe79cada2623178419d00443d4953af4ef2cdf
GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:04 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 5.3 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a5804562fb31668fa149b7b9c0620034
89494d5e286d7246d643fd1b10007e4112a2de8b
46e7b1862cfc231947c65b59a32333f08851d2469b7eca150a00833486de9410
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
193.108.118.121200 OK 18 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash edfc900e8b3d847808c25f9f43544113
9addd7b820d2e2ad503be8a4f32b1125987f4cb2
0377d19dc05d393a33f9b0fa98b5612b5172cb1a66a673162cfd95462736ec00
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 52 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 48955885180897751b8095ce9e03fb8a
8e18e4fab5c2514663bf1f572b1582e439d31896
cbb13362fea9ecae84dc4221391c484f63ff8483d7d3891e83eaac092a60cf60
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=17420
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 32 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash e775e9d6fb489e8292ab592b55bb8e57
4a968dae9ef6c025b655ce8fa9c2f51a5058098c
435e00d163ce0c23d1ca047cc9854375d3775339d28345b366d49b1905b178f5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 6.7 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash aae89e95d4f9d9a49823ec325f2ffd43
cd6cf756a4368a2cc7ad9c38916629314c1e8acb
c2ae5810d291a891a368c72b104125df425f942f9e1c05eb7c80309d8311df31
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 17 kB URL HTTP/2 2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a12e8ee1fa1ef71acc11895f06c89f01
e1a2d57787e5ece3580084bde73b74cacb9797f6
459879a1857cb425aa3adf9a0adc8862f2adbf06d8c0e064983aa281a59490bc
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 13 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 71a09fd423d03523e836dfdce6adc335
aeb3b1ce25e3b8f27edfee2d9e88875c472b48a2
8505ec15da9ba12c3ca91ba9ce4be41af7dec5379eee4f7d76fabdc958fe9519
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 6.1 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash d80f2f7a42e56657afe80e64778b4c50
5c90f44f03094501e4c82097b6f7738f9f16c786
32dd8bb782d745fa221bad514ecd115017b2f26fe100ccc9aaa710751420260c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=13258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 3.news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=20257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=1575
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=5482
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=12681
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=17419
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=23822
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:05 GMT
age: 7654112
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/favicon.png
193.108.118.121200 OK 1.2 kB URL HTTP/2 3.news-civuse.com/lands/38/favicon.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
193.108.118.121200 OK 7.7 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash b1582ad9a83a227028dade6f5b3512ae
b348cb790f6c4ac837b8553dffd63a275401a07f
48d4cc8779a804c02fdf060b477a0871d9202146ac37334254d07b4c527c23b4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
4.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 4.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
GET /revopush.js?v=4 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
193.108.118.121200 OK 28 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=13258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
3.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 258 B URL HTTP/2 3.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 81cb47fd5e709fc77e52147a8965b64b
0a012ceb0c3df44b13dfc801c79f876f79d4d0ff
d5d8d63d3ff51f9a568cbe25b785d2f30a9b8a65564ef28a91115526158f0d09
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=20257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=1575
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=5482
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=12681
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=17419
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=23822
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 4.news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=13258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=20257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=1575
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=5482
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
193.108.118.121200 OK 6.3 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=12681
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=23822
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:06 GMT
age: 7654113
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/favicon.png
193.108.118.121200 OK 1.2 kB URL HTTP/2 4.news-civuse.com/lands/38/favicon.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 5.news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 5.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
GET /revopush.js?v=4 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
193.108.118.121200 OK 67 kB URL HTTP/2 4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash c64185fd042e027cee70d91b726b4827
449df038ad946b21d376c463cda0da151ee70c0d
4a7fc9125c7eea72707572bf5561804ccac45fc9047b8e5cbcc4ce9ef623b583
GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:05 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 60 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 32c8104a7e0e416c57b614cc3f00455e
842f99f746ecb1610b1d7a8d10501733cec0a3ba
a160c686a2a97e90b39774f9f182ec9d727ccce2f781eaf4d45d770e645506c5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 16 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 7d2f4cac627b252599add0115cee197e
d9b9d55fbbc9b2917c40f71a4d6d26aa43d5ea9f
359f6326fd88335977d492fd532c3fddc2cfd2b2c025ea904c384348c98ab2bb
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 21 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 3138cc1cff02d3f560f4b65dbf1af266
a147c2382f1dfd550aa397a84aaef5a6f9e8e6e1
89ea55f0185574c7bdd4d8248103ef9d8a0431870da53bb792357a6d664e0292
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=13257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=20256
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=1574
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=5481
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=12680
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 15 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 6132361884c152e15cbd028d356d809e
c8d6fa48f4305ea002b94939384ae37608e6bdb8
b114fe2f4518ad3d566c288c00814ceb29ac62cc930cfa382d59201d79823886
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=17418
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=23821
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
144.76.158.184429 Too Many Requests 162 B URL HTTP/1.1 errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP 144.76.158.184:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae
POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://4.news-civuse.com
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 5.news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=13257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=20256
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=1574
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=5481
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=12680
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=17418
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
193.108.118.121200 OK 6.3 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/favicon.png
193.108.118.121200 OK 1.2 kB URL HTTP/2 5.news-civuse.com/lands/38/favicon.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:06 GMT
age: 7654114
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
144.76.158.184429 Too Many Requests 162 B URL HTTP/1.1 errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP 144.76.158.184:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae
POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://5.news-civuse.com
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
6.news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 6.news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 6.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
GET /revopush.js?v=4 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 44 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash d50bf3d8c50f1a241b063cb47fba6e9d
a007edfbdad344a9b5a0abe8ea11d0bf5c8a9ba0
864ac06ee263fddc1ba10a5b353b0f4c268894c81ef9a1897045797063e4c8ce
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
193.108.118.121200 OK 28 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=13256
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 41 kB URL HTTP/2 5.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash b383d8d2d834243b6608f9e319bc827b
7566f4226ca85a11da318fee862c2fa574df8592
f1905749666498478245f03878ab672a668bd4d230076305fd725d1b7ea77b54
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=20255
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=1573
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=5480
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 24 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 35ad7142cfd8ada78724e9f9a06da410
ee980db6bce929b6ef9ddd7a69c550a4b939f24b
bdee9356af1e213888b40d1b4afa2e014edf7ed98575dd8d6b6efe97ba357c26
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=17417
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
4.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 25 kB URL HTTP/2 4.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8b795c2b91a6b43ad572e74520f6e107
e405eb0b864f5ebc9bbefe43bf8cb9e39d1e5258
5f7db99273d3d30979c6612befaea09147ef1395cd185e709ef6570a8c35f20c
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 45 kB URL HTTP/2 4.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash d3d70b4e5e650c184bc241b51c878759
1a2a11eeaa65028f331b74c62e31f786d77dbb90
12ec3a96d554277a2196a80d1837a592b519e83f417ec0f8a6676cd0e9b92ac1
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=23820
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 58f45cb856dfa07dda99194fc06a97a0
0fbd28090d0a450a91ef994a68d2de8c083cbc4b
7dfa83341ace1c46f9de4515aa024521e33b5401fc9d254658d200d7f6d9870f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 18 kB URL HTTP/2 4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 716c8dbe856fe8c17a861b03dd55ca3c
0a4644945e82115e5acfdcd0f3d15be32baedf60
7f96a991d6eda92522c7899a3a168098075e49677df59d7e2ce5b39c06ec8cb1
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
193.108.118.121200 OK 13 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash cbf24afd88ae740f7af2d1fc54951d5a
92549eac63c65aa59e87592ee546158249ab3e82
ede287d5f255c962af499a77f1a2a6d6f37c0600f59190fe52b816b922a1ef64
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 6.news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=13256
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 11 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a0bd8fc4369589e155458ef80626040b
1bca34e4cf03de587d454580868a132b0957b873
160cca693a3e0a0a865b6c811a4a2e49983b06f3454d50bcb883e5dcc7137b48
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=1573
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=5480
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=12679
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=17417
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=23820
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
144.76.158.184429 Too Many Requests 162 B URL HTTP/1.1 errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP 144.76.158.184:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae
POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.news-civuse.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://6.news-civuse.com
Content-Length: 1252
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 237 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Size 237 kB (237289 bytes)
Hash a6c2df9c449d6f6a426720cb3a436bc1
a63dc54df9b7fa583f9ef17a9c42996f6936ad63
64bc4d3c53048b1ba04eb93ebd1463749c72da342842422401ebb5106500c139
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:07 GMT
age: 7654115
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/favicon.png
193.108.118.121200 OK 1.2 kB URL HTTP/2 6.news-civuse.com/lands/38/favicon.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 7.news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
6.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 10 kB URL HTTP/2 6.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 390e05b44103335be7b86fc447441434
55f274f6ced76532174b02cbc8cd90647688ee94
d60a76f7e87eead3f7278f31db81f98c1e3fa08518de9850b6e1e26749abdddc
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
144.76.158.184429 Too Many Requests 162 B URL HTTP/1.1 errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP 144.76.158.184:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae
POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://6.news-civuse.com
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 48 kB URL HTTP/2 5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash b72dcd3af41dd86f0e6441a480e2807d
c365c9cd33e5879e1f428d384c3ca04f69290eea
cfa148562f652050db46abe78bfc537965772427fcf8e801c37f2838c765c45f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=13255
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=20254
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=1572
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=5479
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=12678
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=17416
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=23819
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
193.108.118.121200 OK 40 kB URL HTTP/2 7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash d2bf6e29d8f14d63aa33369201d9e48b
407f4415eb51f3989224744631e6735081368d97
8b102403c794d0daaa2e33f521b5d9431264915e12cd741f040cb0888a3cea85
GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:07 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 32 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash e775e9d6fb489e8292ab592b55bb8e57
4a968dae9ef6c025b655ce8fa9c2f51a5058098c
435e00d163ce0c23d1ca047cc9854375d3775339d28345b366d49b1905b178f5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 5.3 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a5804562fb31668fa149b7b9c0620034
89494d5e286d7246d643fd1b10007e4112a2de8b
46e7b1862cfc231947c65b59a32333f08851d2469b7eca150a00833486de9410
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 7.news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=1572
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=5479
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 11 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a0bd8fc4369589e155458ef80626040b
1bca34e4cf03de587d454580868a132b0957b873
160cca693a3e0a0a865b6c811a4a2e49983b06f3454d50bcb883e5dcc7137b48
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=17416
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
193.108.118.121200 OK 6.3 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/favicon.png
193.108.118.121200 OK 1.2 kB URL HTTP/2 7.news-civuse.com/lands/38/favicon.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:08 GMT
age: 7654115
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 8.news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 8.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
GET /revopush.js?v=4 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 15 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 21a0278f39a11a367beafc68a555e4b9
10ef4336dd44e9cf36078e2de6c6f2e48b524953
0ed9c68f2f0e31defe7e526b6430c20f31d34c307a07c3e1dec83889914a276a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
193.108.118.121200 OK 28 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=13255
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=20254
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=1572
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=5479
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
7.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 258 B URL HTTP/2 7.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a6295261dc9977964e063671b7db44d4
f2d4b1b03df0886c43e50c6fc7bcb9fb81d0d9ea
03e25b1e7da06c28dc3a7e095f3f3d97300ec3f8d3e5b7946b9d495cea96611c
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=17416
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=12678
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 16 kB URL HTTP/2 3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 97e3f69c698a2621b8fd1ad063e2699c
c2b6a0b171c786701ba60ce9fb580eeead6185db
33eb36f55e6073d91995fdbebbe5f43b7dd4784fcbefb9dc7e28411cb7a5ce46
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=23819
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
193.108.118.121200 OK 13 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash cbf24afd88ae740f7af2d1fc54951d5a
92549eac63c65aa59e87592ee546158249ab3e82
ede287d5f255c962af499a77f1a2a6d6f37c0600f59190fe52b816b922a1ef64
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 34 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash dc210e8ff9fbe14f7c12066e2070a896
71c6193625e64429d227e24914a0de43e0844f18
71e31e8461c1247ae841a4fbcdbe8679c8a460bbb2e565d39fed8764a39aaa51
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=13254
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 11 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a0bd8fc4369589e155458ef80626040b
1bca34e4cf03de587d454580868a132b0957b873
160cca693a3e0a0a865b6c811a4a2e49983b06f3454d50bcb883e5dcc7137b48
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=1571
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 9.3 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash beb5e259cd401279b30df2a10854795e
af40735affa5d2e3ef823a96c2c8a739df83e2ca
2786723a35d418ebe071068c71c7a85c10d47ea7157a95e6a2de41ecb02127d7
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=12677
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 5.3 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash a5804562fb31668fa149b7b9c0620034
89494d5e286d7246d643fd1b10007e4112a2de8b
46e7b1862cfc231947c65b59a32333f08851d2469b7eca150a00833486de9410
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 15 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 47018d77ac880c943294621a3afbc8cb
80782444b7072461ad62a80c42b9359b84f740d0
74875aac38e0edf501ee44c6bb21ac09b6f552a5d9e70c605a8199e9cd30d4b9
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/favicon.png
193.108.118.121200 OK 1.2 kB URL HTTP/2 8.news-civuse.com/lands/38/favicon.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:09 GMT
age: 7654116
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/lp.js
193.108.118.121200 OK 1.4 kB URL HTTP/2 9.news-civuse.com/lands/38/lp.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/lp.js HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 9.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
GET /revopush.js?v=4 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
8.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 36 kB URL HTTP/2 8.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 1389e18ee7010f86f009837b2d777e09
3a028d6570d234bc89f5780ea63b69ebff315cd9
9f0c0c668623b25996b951a4a15ed8f400fb748b5785c53dc89719f30af30928
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
193.108.118.121200 OK 28 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=13254
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=20253
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=1571
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=5478
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=12677
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=17415
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=23818
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
193.108.118.121200 OK 1.7 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 31 kB URL HTTP/2 9.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash ae2c9d3ebdf6b1276f99509ceb9f1758
e4de1c6f990c9d623f3b92b90a1c48325b9d696e
c0662248ec8560947f68f82b9f0c9b816c6478bdffedcce24c7432998d049351
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
193.108.118.121200 OK 12 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash d999d1918e992b4e70345e061799eeb2
5b13608fc724d4941a9a534ba3b0e50a3e63f4f9
4b7bf3891bd33ef6e0b6b80074e52b103eb41301e3d6d804b2c3955191eeb53f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 36 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 67e100b50e9cef8f1bf97101c45da758
416e3f3920a660d1ec6ca544b230dc58e1a44baf
4e49c9d2dc35c9cec36e24f574a5d8922d47a23cd02d91664edfd24c8dbf621b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 10 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash fdbb28babe20c643a6ace02b061f1a41
f1003601b4d333a116f2c588ed5ed9ab6c27d4dc
974ea8d2604861658fae0c360a3906a282698afef1ffcc66ae36aee8a9f129e8
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
193.108.118.121200 OK 4.7 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 13 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 7efcc3076a615ca5632f9ec7715afee0
85ecf3ced5acfff9ec04f2ea650284bf1aab91c4
a4512568479f5afd9723fe25b1795ee1b17ec8274e9b3bd4d076d0f4353fdf0f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
9.news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/index.php_files/pu.swf
193.108.118.121200 OK 2.0 kB URL HTTP/2 9.news-civuse.com/lands/38/index.php_files/pu.swf
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=13253
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=20252
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 15 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 47018d77ac880c943294621a3afbc8cb
80782444b7072461ad62a80c42b9359b84f740d0
74875aac38e0edf501ee44c6bb21ac09b6f552a5d9e70c605a8199e9cd30d4b9
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=12676
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=5477
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=17414
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=23817
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
193.108.118.121200 OK 8.2 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 09a3857817c56da56ca915546555bb33
4eef039030de077e7e63d2894f7d0951b1e137c8
44b605c2a3dcc7994d49fb945c6731ed8f03fc7154ab70f7c805c5b6e810e07f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
193.108.118.121200 OK 234 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
193.108.118.121200 OK 2.0 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:10 GMT
age: 7654117
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/favicon.png
193.108.118.121200 OK 1.2 kB URL HTTP/2 9.news-civuse.com/lands/38/favicon.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
144.76.158.184429 Too Many Requests 162 B URL HTTP/1.1 errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP 144.76.158.184:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae
POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.news-civuse.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://9.news-civuse.com
Content-Length: 1018
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
9.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 37 kB URL HTTP/2 9.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 73ead9d15baab4d54bba1af0d48c486f
2e1005f32d12772d9a315ee7b5fa1b67244da31a
dec378f894f858ef2305bfa2b06028f6fb3b722df02b4e4e9e94a01bd4075bfc
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
5.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 12 kB URL HTTP/2 5.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 53d1a841eca70093cb11ee7c5821d5c1
9c0cb5aa359a8dbce7952a5db2d232b8f588a5d9
89233c76cf4f27e8b569986fb540aa4f06dadf7df20c7f78364f0b79e416caf3
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
10.news-civuse.com/revopush.js?v=4
193.108.118.121200 OK 10 kB URL HTTP/2 10.news-civuse.com/revopush.js?v=4
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (9954), with no line terminators
Hash fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
Analyzer Verdict Alert fortinet Phishing
GET /revopush.js?v=4 HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
193.108.118.121200 OK 4.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
193.108.118.121200 OK 6.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
193.108.118.121200 OK 8.3 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
193.108.118.121200 OK 1.4 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
193.108.118.121200 OK 12 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
193.108.118.121200 OK 22 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 31 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash ea5dd7abd54160387899eba1a303d94f
01aa6d38df0061fce4e1625dcebda6afd05f0bd2
cf226a054555062f872db026ee807893a359583b4d968d3f8a8ea27163039e84
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
193.108.118.121200 OK 17 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
193.108.118.121200 OK 11 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
193.108.118.121200 OK 14 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=13253
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
193.108.118.121200 OK 13 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=20252
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
193.108.118.121200 OK 16 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
193.108.118.121200 OK 18 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
193.108.118.121200 OK 2.4 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
193.108.118.121200 OK 9.6 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=1570
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
193.108.118.121200 OK 15 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=5477
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 10 kB URL HTTP/2 9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=12676
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
193.108.118.121200 OK 9.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
193.108.118.121200 OK 8.3 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
193.108.118.121200 OK 9.3 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
193.108.118.121200 OK 9.9 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=17414
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
193.108.118.121200 OK 8.9 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=23817
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
193.108.118.121200 OK 12 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
193.108.118.121200 OK 20 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
193.108.118.121200 OK 15 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
193.108.118.121200 OK 24 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
193.108.118.121200 OK 887 B URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
193.108.118.121200 OK 1.9 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
193.108.118.121200 OK 1.2 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 32 kB URL HTTP/2 10.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 4eb824693667354b514e10c36ab9549a
ea472e8a8e32c825d4e967706f91e8e7a7e0ca7e
52bcfacb61d97039d0dd129cf573532fe0bceff844e16dde4a81069cef590c06
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
193.108.118.121200 OK 11 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash e4ac18000f1e664300a8c7ce5cb778d6
7dc0903b874870d367359a6466da31bd94f889c6
768501027582d0270c4abab9bec335ea96d46a30b478cc4c4fa03a8450f18147
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 49 kB URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Hash 2057de9ff4620865fb22698edcc967e7
6129c41384908aa8dc3a9885ee07794a905b2e61
6006f5fd26bbd6566b3413d506f17c60be5714dd05995bd8a6d6c37bcf898d22
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
193.108.118.121200 OK 1.1 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
193.108.118.121200 OK 2.4 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
193.108.118.121200 OK 2.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
193.108.118.121200 OK 3.1 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
193.108.118.121200 OK 1.8 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
193.108.118.121200 OK 1.4 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
193.108.118.121200 OK 1.6 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
193.108.118.121200 OK 1.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
193.108.118.121200 OK 887 B URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
193.108.118.121200 OK 841 B URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
193.108.118.121200 OK 2.6 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
193.108.118.121200 OK 4.6 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
193.108.118.121200 OK 7.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
193.108.118.121200 OK 4.3 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
193.108.118.121200 OK 4.0 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
193.108.118.121200 OK 8.6 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
193.108.118.121200 OK 5.1 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
193.108.118.121200 OK 4.4 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
193.108.118.121200 OK 7.9 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
193.108.118.121200 OK 3.8 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/tds.php?sid=8051799&p1=&domain=news-civuse.com&p2=s8hnpa6u30i6&p3=
193.108.118.121302 Found 4.7 kB URL HTTP/2 news-civuse.com/tds.php?sid=8051799&p1=&domain=news-civuse.com&p2=s8hnpa6u30i6&p3=
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /tds.php?sid=8051799&p1=&domain=news-civuse.com&p2=s8hnpa6u30i6&p3= HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/html; charset=UTF-8
location: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
cache-control: no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
193.108.118.121200 OK 6.8 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
193.108.118.121200 OK 1.9 kB URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bc4af7bd5bdcf67a4bac63e22b5d7ce8
5c457bf5021e9336d8582eed9e84e5279e08547c
0dac79971019d06657a1948f1cedaca02b3f9eca1eae52026ad9bdd0e4137b35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9731
x-amzn-requestid: 297af487-e8cf-4d0a-a30b-337cf1630f71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_RImGLjoAMFnDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c89d-3c4f6fa521885bd45e943d3b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:54:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QgszcGhVatkK5TB5DXK4WVXz6OtG00uMKZ50sRGuoDom0MSVrrtbkw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:59:21 GMT
etag: "5c457bf5021e9336d8582eed9e84e5279e08547c"
content-type: image/jpeg
age: 35029
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
10.news-civuse.com/sw.js
193.108.118.121200 OK 4.2 kB IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 0 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 0 B URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
193.108.118.121200 OK 0 B URL HTTP/2 news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:02 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 0 B URL HTTP/2 6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 0 B URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
193.108.118.121200 OK 0 B URL HTTP/2 1.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
193.108.118.121200 OK 0 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 0 B URL HTTP/2 7.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
193.108.118.121200 OK 0 B URL HTTP/2 7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
8.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 0 B URL HTTP/2 8.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400&subset=latin,latin-ext
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400&subset=latin,latin-ext
IP 142.250.74.106:0
GET /css?family=Open+Sans:300,400&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 07:43:02 GMT
date: Wed, 08 Feb 2023 07:43:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
193.108.118.121200 OK 0 B URL HTTP/2 6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:06 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
193.108.118.121200 OK 0 B URL HTTP/2 5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:06 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 0 B URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
193.108.118.121200 OK 0 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
193.108.118.121200 OK 0 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
193.108.118.121200 OK 0 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
193.108.118.121200 OK 0 B URL HTTP/2 1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:03 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
evweinviw.com/WPMM8BgZ
172.67.154.226302 Found 0 B IP 172.67.154.226:0
GET /WPMM8BgZ HTTP/1.1
Host: evweinviw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/html; charset=UTF-8
location: https://news-civuse.com/tds.php?sid=8051799&p1=&domain=news-civuse.com&p2=s8hnpa6u30i6&p3=
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Wed, 08 Feb 2023 07:43:02 GMT
pragma: no-cache
set-cookie: _subid=s8hnpa6u30i6;Expires=Saturday, 11-Mar-2023 07:43:02 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa6u30i6_s8hnpa6u30i663e3528607a604.87180578;Expires=Saturday, 11-Mar-2023 07:43:02 GMT;Max-Age=2678400;Path=/
26a99=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI2NFwiOjE2NzU4NDIxODJ9LFwiY2FtcGFpZ25zXCI6e1wiMTUyXCI6MTY3NTg0MjE4Mn0sXCJ0aW1lXCI6MTY3NTg0MjE4Mn0ifQ.62Samd4fw5oRR2iPLiDa9yrQte2H9Wu6fzZrflakwXc;Expires=Wednesday, 18-Mar-2076 15:26:04 GMT;Max-Age=1675928582;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mee9%2F3uwDtqtJp4UTOQ73XpW16NibUEQ3LUkSVC%2FBGuWeKthnYv0R3KsS9WaiKs7MZXQaQnBdddjFfacJdPvwEzn9BLjvZdgfd9VzwPNNnU0rVJAiPypAri3g%2Fl7kNnY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7962bb653e94b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
193.108.118.121200 OK 0 B URL HTTP/2 10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
6.news-civuse.com/lands/38/jquery-3.2.1.min.js
193.108.118.121200 OK 0 B URL HTTP/2 6.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
Analyzer Verdict Alert fortinet Phishing
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
193.108.118.121200 OK 0 B URL HTTP/2 news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 193.108.118.121:0
ASN #61003 GlobalTeleHost Corp.
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2