www.fur.ly/e14k
185.53.177.50 1.4 kB IP 185.53.177.50:0
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385)
Hash b3c264b0f9524de18b9682c2cc21b79d
0503d68728b5cdc0d68afa8e74f95828468973c0
91e0fbdeb3e71be6d2f03707908eeb201e5c7336a97a470e6f3a86fb4d1925b4
GET /e14k HTTP/1.1
Host: www.fur.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 11 May 2023 12:55:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Buckets: bucket011
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_n9T1bbyJ+qVxmHr6IQra2Gs/CXd0bfmKarw9UjzZMwMAYKlfYCvdI4kA4y8MJRgXnVSipq84ctXB1Gt8FLgwBw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: fur.ly
X-Subdomain: www
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/js3.js
54.230.245.8 1.1 kB URL d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP 54.230.245.8:0
File type ASCII text, with very long lines (468)
Hash a66b149a7ebc798955373415d683f32a
15ceaba8cfae8368600620ae97aa26ae7331d626
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.fur.ly/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1096
Connection: keep-alive
Server: nginx
Date: Thu, 11 May 2023 00:54:14 GMT
Last-Modified: Mon, 23 Jan 2023 11:12:07 GMT
Accept-Ranges: bytes
ETag: "63ce6b87-448"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TmL7pNANAHG2QRJVCnXrSddnyXmaN5DkzZEwKIpBuJyZgnX-O4PoIw==
Age: 43283
www.fur.ly/track.php?domain=fur.ly&toggle=browserjs&uid=MTY4MzgwOTczNi40MzYzOmQxODA1ZDMwYWZhMDllZGRkODllNzNkYTM3MjE0ODEzMGRmMzhlYTQ5MjdkYmUyNzM4ZTQzNDZiYjg1NTQ4YjU6NjQ1Y2U1Yzg2YTg1Yw%3D%3D
185.53.177.50 20 B URL www.fur.ly/track.php?domain=fur.ly&toggle=browserjs&uid=MTY4MzgwOTczNi40MzYzOmQxODA1ZDMwYWZhMDllZGRkODllNzNkYTM3MjE0ODEzMGRmMzhlYTQ5MjdkYmUyNzM4ZTQzNDZiYjg1NTQ4YjU6NjQ1Y2U1Yzg2YTg1Yw%3D%3D
IP 185.53.177.50:0
ASN #61969 Team Internet AG
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=fur.ly&toggle=browserjs&uid=MTY4MzgwOTczNi40MzYzOmQxODA1ZDMwYWZhMDllZGRkODllNzNkYTM3MjE0ODEzMGRmMzhlYTQ5MjdkYmUyNzM4ZTQzNDZiYjg1NTQ4YjU6NjQ1Y2U1Yzg2YTg1Yw%3D%3D HTTP/1.1
Host: www.fur.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.fur.ly/e14k
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 11 May 2023 12:55:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.fur.ly/ls.php?t=645ce5c8&token=5d93a2b0aee13bf2edc5e5a1caf1934921995ff0
185.53.177.50 16 B URL www.fur.ly/ls.php?t=645ce5c8&token=5d93a2b0aee13bf2edc5e5a1caf1934921995ff0
IP 185.53.177.50:0
ASN #61969 Team Internet AG
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /ls.php?t=645ce5c8&token=5d93a2b0aee13bf2edc5e5a1caf1934921995ff0 HTTP/1.1
Host: www.fur.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.fur.ly/e14k
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Server: nginx
Date: Thu, 11 May 2023 12:55:37 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 645ce5c9cbb1ae12c149b82f
Charset: utf-8
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_SthGFhu8YRJtztCMoxv/xb6aq6XfRRzOtUcILA1LREsv74sOXzxttuLCQA2R2b8zU3YrNtGpL4LnXWJABi6MVQ==
www.fur.ly/favicon.ico
185.53.177.50 0 B IP 185.53.177.50:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.fur.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.fur.ly/e14k
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 11 May 2023 12:55:37 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
www.fur.ly/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=fur.ly&uid=MTY4MzgwOTczNi40MzYzOmQxODA1ZDMwYWZhMDllZGRkODllNzNkYTM3MjE0ODEzMGRmMzhlYTQ5MjdkYmUyNzM4ZTQzNDZiYjg1NTQ4YjU6NjQ1Y2U1Yzg2YTg1Yw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDVjZTVjODZhODQ3fHx8MTY4MzgwOTczNi43NzY2fDRkNDc0YzFlN2UzNmYxZDMzOGNhMWZlYTRjMDQ4N2RmYmQ5M2M3YTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1ZDkzYTJiMGFlZTEzYmYyZWRjNWU1YTFjYWYxOTM0OTIxOTk1ZmYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
185.53.177.50 20 B URL www.fur.ly/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=fur.ly&uid=MTY4MzgwOTczNi40MzYzOmQxODA1ZDMwYWZhMDllZGRkODllNzNkYTM3MjE0ODEzMGRmMzhlYTQ5MjdkYmUyNzM4ZTQzNDZiYjg1NTQ4YjU6NjQ1Y2U1Yzg2YTg1Yw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDVjZTVjODZhODQ3fHx8MTY4MzgwOTczNi43NzY2fDRkNDc0YzFlN2UzNmYxZDMzOGNhMWZlYTRjMDQ4N2RmYmQ5M2M3YTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1ZDkzYTJiMGFlZTEzYmYyZWRjNWU1YTFjYWYxOTM0OTIxOTk1ZmYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
IP 185.53.177.50:0
ASN #61969 Team Internet AG
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=fur.ly&uid=MTY4MzgwOTczNi40MzYzOmQxODA1ZDMwYWZhMDllZGRkODllNzNkYTM3MjE0ODEzMGRmMzhlYTQ5MjdkYmUyNzM4ZTQzNDZiYjg1NTQ4YjU6NjQ1Y2U1Yzg2YTg1Yw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDVjZTVjODZhODQ3fHx8MTY4MzgwOTczNi43NzY2fDRkNDc0YzFlN2UzNmYxZDMzOGNhMWZlYTRjMDQ4N2RmYmQ5M2M3YTF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1ZDkzYTJiMGFlZTEzYmYyZWRjNWU1YTFjYWYxOTM0OTIxOTk1ZmYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off HTTP/1.1
Host: www.fur.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.fur.ly/e14k
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 11 May 2023 12:55:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 9725f73e71e4f54dcb34e202fe548383
351bf2356874e65879585bbebcf586cc546b78b4
4f1ec94f3b97a6fcfe9c7d1bd43ddb0aadc4bdc9e9486632e0cd157e31305f23
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160043
Date: Thu, 11 May 2023 12:55:38 GMT
Etag: "645c9dde-1d7"
Expires: Sat, 13 May 2023 09:23:01 GMT
Last-Modified: Thu, 11 May 2023 07:48:46 GMT
Server: ECAcc (nya/79CE)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6VP3TB9ZQ0YAd6yP-jwWF6T2y-hN22sFRUhQZIu0NLBCBXsi7TIpyQ==
Age: 5655
fulbe-whs.com/zcvisitor/1fb24540-effb-11ed-a23f-128de1e45cb5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e1920750-cd68-11ed-857c-0a918cbcbb97
54.165.180.165 1.1 kB URL fulbe-whs.com/zcvisitor/1fb24540-effb-11ed-a23f-128de1e45cb5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e1920750-cd68-11ed-857c-0a918cbcbb97
IP 54.165.180.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7139926b66a257fe944c619b9725cbba
e94d6f83aadeae728288a5e9f4a0c194266471c9
f65332bb3941e39e86321f8bf13725bc8c1955c9ce251963f958b7925a4bc06c
GET /zcvisitor/1fb24540-effb-11ed-a23f-128de1e45cb5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e1920750-cd68-11ed-857c-0a918cbcbb97 HTTP/1.1
Host: fulbe-whs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.fur.ly/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Thu, 11 May 2023 12:55:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: koZsQlxf
fulbe-whs.com/zcredirect?visitid=1fb24540-effb-11ed-a23f-128de1e45cb5&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false
34.238.227.119 462 B URL fulbe-whs.com/zcredirect?visitid=1fb24540-effb-11ed-a23f-128de1e45cb5&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false
IP 34.238.227.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 080a1450502684703ef6fddb71dde6d9
b3e15bf6200ae40a0decee5c838be0752a6e8391
ca3bce791076e89f3bfd154f4d86c6e52c45d0ce29ed9a56f0f4d459710ccfec
GET /zcredirect?visitid=1fb24540-effb-11ed-a23f-128de1e45cb5&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: fulbe-whs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fulbe-whs.com/zcvisitor/1fb24540-effb-11ed-a23f-128de1e45cb5/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=e1920750-cd68-11ed-857c-0a918cbcbb97
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Thu, 11 May 2023 12:55:39 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: WuaGCkjJ
fulbe-whs.com/favicon.ico
34.238.227.119 653 B URL fulbe-whs.com/favicon.ico
IP 34.238.227.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: fulbe-whs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fulbe-whs.com/zcredirect?visitid=1fb24540-effb-11ed-a23f-128de1e45cb5&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404
Date: Thu, 11 May 2023 12:55:39 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: rnHvEloT
go.proffering.xyz/15GUIL?zoneid=lateritious-falcon&campaignid=2069719&target=alpha-ose-de7vlk3zw&cost=0.001200&external_id=NON-ADULT
20.113.67.50 312 B URL go.proffering.xyz/15GUIL?zoneid=lateritious-falcon&campaignid=2069719&target=alpha-ose-de7vlk3zw&cost=0.001200&external_id=NON-ADULT
IP 20.113.67.50:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (312), with no line terminators
Hash 22aecfea9f525e209f8b317133bcb485
334e6875ff3f6ec94f0330e7b58f31161d41fe67
10db18b5cc897a93b3d23d12bed39ccfc2e8079e10d20cc9483dfa04fa4171d1
GET /15GUIL?zoneid=lateritious-falcon&campaignid=2069719&target=alpha-ose-de7vlk3zw&cost=0.001200&external_id=NON-ADULT HTTP/1.1
Host: go.proffering.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://fulbe-whs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Thu, 11 May 2023 12:55:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 312
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GUILo=20230511151683810348109; domain=.go.proffering.xyz; path=/;expires=Fri, 12 May 2023 12:55:39 GMT; httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GUIL; domain=.go.proffering.xyz; path=/;expires=Fri, 12 May 2023 12:55:39 GMT; httpOnly=true;SameSite=None; Secure;
peerclickcid=db399d8d777fb105ddeba94748ebdaf7-11246-0511; domain=.go.proffering.xyz; path=/;expires=Fri, 12 May 2023 12:55:39 GMT; httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.go.proffering.xyz; path=/;expires=Fri, 12 May 2023 12:55:39 GMT; httpOnly=true;SameSite=None; Secure;
Location: https://qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=parkdom&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511
Vary: Accept
qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=parkdom&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511
172.67.142.37 0 B URL qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=parkdom&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511
IP 172.67.142.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=parkdom&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511 HTTP/1.1
Host: qwfuu.altairaquilae.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fulbe-whs.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 11 May 2023 12:55:40 GMT
content-length: 0
location: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
set-cookie: W7-lkuObDEWXzHM4LgqUhA=19; max-age=345600; path=/; samesite=lax
__pl=dc1194f1-1bb7-4695-881e-6397955e8379; expires=Sun, 11 May 2025 12:55:40 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0cFv92sTZoZxuzFpCDZcZbVyrg1PH0RmzfDEaCZWTIiE2aszlhYEn72%2Bobk7L5LKhOiAq54CzbORvLNSLIqlmmOSZpMIwHqtUxodVs6xc%2BbcKY%2FztqgE4YcJwhFY78kw6Tfn9kqqJBnuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5a93db88e3b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
qwfuu.crystalcrafter.top/ph-new/assets/thumb-big.jpg
104.21.7.3 83 kB URL qwfuu.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Hash cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:40 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1791
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYex%2FG9VjmZZ5SAOuIzSIP%2FJyODWjIz2azkjfSjjlLphRaPQZxNkgacvu8gF4eecyJEUEV33ABT%2FvpOuZTo6%2FGoRbEs8u5nPAuhXJ6jLhGFZowa089vIzhL7h0DiFWNP6ekr6bJA%2F31OzZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93dea94fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/favicon.ico
104.21.7.3 0 B URL qwfuu.crystalcrafter.top/favicon.ico
IP 104.21.7.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 11 May 2023 12:55:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1473
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6RUkQZCyD8ymZN6r9HJxKMWQrMhfioL7HXBjQvvQ8pGbGQfBgupjtWmbnlwP1p%2FVx%2Fq6%2FcsJoXwPDnqYVNUCytPfHoTDZpwxCmxME%2F7Kv0DhSx%2FUEyqIic%2FjY9gqYU2WNrmArcYjTAZy8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e04bb1b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 47272cb076c77e164e7570dd49d90025
0039db810fa5c031bdab6e71925d197e50906041
c87f1232b211dac41dd77de133a3017154e0d47ce5aa864a782b725a3b0f9b7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 11 May 2023 12:55:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
142.250.74.35 6.8 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (21158)
Hash e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 06:18:54 GMT
expires: Fri, 10 May 2024 06:18:54 GMT
cache-control: public, max-age=31536000
age: 23807
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 47272cb076c77e164e7570dd49d90025
0039db810fa5c031bdab6e71925d197e50906041
c87f1232b211dac41dd77de133a3017154e0d47ce5aa864a782b725a3b0f9b7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 11 May 2023 12:55:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.35 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 131939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
qwfuu.crystalcrafter.top/ph-new/assets/rec-2.jpg
104.21.7.3 11 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2L4B0AyWH5rjLSEKCSxtPR%2FzrIIe1hfNoGVOq54Aiw4eLOIZzJ7FPWsszbW%2BUx%2FhRzNrweqtrpt39MEeji%2BflDje%2Fq2oaaRLo%2BYtz9uOWmNqR20b343nukD08MbS0wm5h6ZBcsrULRS2lc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e27ee2b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-3.jpg
104.21.7.3 15 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g6Mzr4kruDj9428gFWpC25uwxEGTneqBDtVNZMWTtkfKxQAzKKKE0QPLyBlO9IjF7NN5S8j3HuAHGdqtuvI0%2B6etPA9tGdGudyUGqeZ8z5bxmgW2N9wFAgmjlS%2FUWEWehixP2bB%2BfiEWEg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e27ee6b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-1.jpg
104.21.7.3 14 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/rec-1.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDNa7LvYtfy74ORLZfK5IWK%2BACmFstxBhPtTzhQmfqyoWEmrJJ5NEOglZn0VUXxE3WfuxZeWyajmo4Z2NjrwUfywQCSkfHv8JSEzmDk4yuP9%2B0sAjOazVjvx55x%2BEzZ4Oy8mkc7p1mGXT5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e27ee5b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-4.jpg
104.21.7.3 8.9 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483
GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eb0otrcTItRzI2JJfgAjYIKolRNDiNR3QVrLZ0VT8FXgCujll0%2FZSyAyq8e4UVPJp5UNglwX7d28uJBC2XRgtC0s7u3CLul6CfQCi4opdQB0tfG4xtieoWKKphl6iiuhG8zh%2BcRklXUEdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e28eedb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-5.jpg
104.21.7.3 13 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=de0EihIG%2FlO%2FPZdLrsmYq8LQBCHBdV2VwukYoWix50l3TclIeij8qSdO3Jhgccr5t9MmgYkjkHAbwQoZReI086hlqg7G81OKJ8vtDx1Dl2wY6kLWBZgULyTNEH2OLS7yVQUzmlKg6BbLqIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e28ef0b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-6.jpg
104.21.7.3 16 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773
GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDUB864ySionN1CpKqekI%2BDcYV5tYpUtVtLkgwN4cv2Ed9K0bKbczP1wlTQSaCNp51LVr0qncA1kQPbs9%2BztakHBjcM7wEaLLvmR7glAmEzyyhE6ZCdBdKzUtb8vAEXp5vTE36SuYAO%2FkIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e28ef2b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-8.jpg
104.21.7.3 13 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBEAU0b5Z427hTTeLMpINeNzChgPk5YzJOhr6pXhFgOvb4wl9MpqESAUJgC56bePZj3msMeImOnHrqnnY9w52%2BAViKYeBqN7w8NUOXU1CvUo2GJDXJZAO%2F2FbxWV7KeUrfFKVqTFwQj3eno%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e29efcb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-7.jpg
104.21.7.3 14 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBYEEKP%2Bs98V%2Fd1L%2FjRD5EzCnAHaLOLNSWAnJNYEGds3GDwbT3vzJYTagwiVvtk1B9L7U%2FLMmUoHPYdwm7qEjVFUpeXfI%2BnIwOApKBdaK870X3FWkgC1%2FomCSXDFzal2gdfwD4auVN0KCuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e29efeb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/2.jpg
104.21.7.3 21 kB URL qwfuu.crystalcrafter.top/ph-new/assets/2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash c3f3eb5d00c73ac19828309a4cde4e96
be66f4e10a00d90a0f8fdc0a5a4dbd19c143d97d
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763
GET /ph-new/assets/2.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 21253
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-5305"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WlSC8NIyvABfv9%2FbjDLpSJv7r6G8UEGJqfSWxudnsEm9oOuTFH13AlAkkhQMBur6iNVYRYcH5a15sSr2tNfExPmtwK7dLfuCcnTSNfSwdYuCRbCeuKW4jV9axa70IV4Nz3JDz%2BeTV7qy%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e2bf32b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/1.jpg
104.21.7.3 14 kB URL qwfuu.crystalcrafter.top/ph-new/assets/1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/1.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkpF7QTQAMzy4v7PXoNvA42JuN0J%2F9gYMbliYLsrcg5gvFp7g0Hq9ncH9UFv%2FORnFG%2BR1%2BcJcb3M8HqBiY1WALiTCN20qlQjHKetp1n6eFZH6Jr%2FZdsvtBxn6vQ8WdlF651SyickcmrRtMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e2bf2fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/5.jpg
104.21.7.3 12 kB URL qwfuu.crystalcrafter.top/ph-new/assets/5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1
GET /ph-new/assets/5.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSXT7zndNHSJv2wrmaNVgHG%2Bu%2FEAIjkul4jfHoOfZwzOwChW9HjfsXAvnumtyN09eSflU2NXBcwLkWLR3XX9sqNZ2QzayTGcO1PMgnPAhIK6uQFXevxTY7z9l1Op65Y5YHcILtQ1dUnvfyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e2bf35b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/3.jpg
104.21.7.3 11 kB URL qwfuu.crystalcrafter.top/ph-new/assets/3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a
GET /ph-new/assets/3.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZf1VCxzVOxMST8gjqwg2%2B3HVGpcqeknmJmzRBs5CrTuvDuMZGI0LL55qR2xASdVpdZGu8BdFAbnHXvFmNoUahTte%2F1MivnLmp8FLUVS6%2BDBezWyUIsNDFUa%2FTrPPoYWIvCWdy3cTd0PqRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e2bf33b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/4.jpg
104.21.7.3 14 kB URL qwfuu.crystalcrafter.top/ph-new/assets/4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd
GET /ph-new/assets/4.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpWqFdc3%2B3IUrXcUtQrfXu3RKdBCnnwJgPkXTPYV7Sn74spW1NtFAeK6mo%2FvZHya1OOioVxGRZ6UOPfQdN95UAZDnoPml17HuHmL7eDDGideUQUatn4%2BiHnX2IrEP%2FiClo7%2F8rnEJdnjaRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e2bf34b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/thumb-big.jpg
104.21.7.3 83 kB URL a.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Hash cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfGtSQJJ%2FzIIm18a2f0wCJ855CXBLyJyprunYbinnGOKqzM7N5TmMdg4YZLh04ZtofWZTAjP9f7Ha%2FhwqYCwZ5YL9F%2Fky5vXxhJgTrMDOGD%2BK%2FWm109Q3EcesVH2RXpGVSLHvu5VGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e46928b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
104.21.7.3 19 kB URL a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040 HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeSPNh26GdwR3QmXLCtivsWMLNTcbjO%2F4NePApRgJnndekfSYjF4BvkaKLiQR3iy2lRzs8P97Yi3HDmgobs6WupX4GNgGLTD6tRdNu3RNGZYVq%2FVg5wujzw07R4NMhMz7yIVLCxP9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5a93e36802b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/style.css
104.21.7.3 19 kB URL qwfuu.crystalcrafter.top/ph-new/assets/style.css
IP 104.21.7.3:0
File type ASCII text, with CRLF line terminators
Hash 807d696b86114245f8eda3dce43f61ff
6d65ffaf8ec2107db8f1d29c410f152a8b809a56
7524af6d5f36df3e5d5c8148bc63e3956de050fa262fc0589e2a58dc606977bc
GET /ph-new/assets/style.css HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:40 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-5f33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5%2BDBoEm95k0I3RA18kwfUxAelvryJjxh9z2hzMDrwMA4wzNDjsPVeAg%2FBqaRI3nBBJuPjXicYcjqWgcjUSaFCE7W0WhLlgX0exAyOOJl88WJrMiDDMJoa8fqSjeqGpDKXI74YsdAs1yjVo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93dea94eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.35 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 131939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
104.21.7.3 98 kB URL a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040 HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lq24tkTA6rvAGcwzs%2FSDMGP6GYTkU3SvVRwB09iz83%2BQ3CXKklWQsLv7FP95uupB6iHf5RwrCJrkSOmr2MzCx%2FD7gHBoayd1QiO1w4LYGk7ZT7irBi1TTeKq7sO7nuhecUZBt%2FYZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5a93e4692eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
104.21.7.3 12 kB URL qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
IP 104.21.7.3:0
Hash af4ac0950f5ba9d70448f48c47c304ce
0e46fed4d654b0a2895a625d722c95582812ad41
26ed863932cb08bf905f4d48df124c4cf6cbee1b9532dcac51588b3efce54c2c
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040 HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:40 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6o2W8knix50i7BBlaQOjbFca%2F0qiZQ5FrRj3ybZ%2BMJThqV8nnnBefR%2BdIgut%2Fg%2BGW1DBlOUL6GW8AQdc0eqvFaUF6dsGmXYadPvL%2BiGv7iykLu%2B9oNpe%2FmsgKQL63ilb0TDVLDza0jwENZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5a93dea951b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
142.250.74.35 6.8 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (21158)
Hash e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 06:18:54 GMT
expires: Fri, 10 May 2024 06:18:54 GMT
cache-control: public, max-age=31536000
age: 23808
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.35 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 131940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c.crystalcrafter.top/ph-new/assets/thumb-big.jpg
104.21.7.3 83 kB URL c.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Hash cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:42 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7118
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rb4Ezwv3vo%2Bb5LH%2B8aDGPiNnO1y6iQ2Xwd3CaQij2E5Hi576aXvZ204iKHcVuOHlqwxu3zdLRysVizgbgKu3NTR9VBnziJv1Pyf%2FZWVwOJjJaySJwir1H3VyuCyax9dsphR9VFUauw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93eb2a5db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/trls.js
104.21.7.3 7.0 kB URL b.crystalcrafter.top/ph-new/assets/trls.js
IP 104.21.7.3:0
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 2d452480e0a1246e5ed7e13278b99eee
dc1115b9c20884a07335bdf5abea5c399f5293d6
19b0897b045b6f67abdae0b9f6ca5987202456aa0d7bfc3b17128e94d2cf761d
GET /ph-new/assets/trls.js HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:42 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1e3f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBBZeLbjJLgyXLSgHp72dPnPlHBTgC%2FMl7CF5rH1lUT%2BUVHClsMa3QnfZpG3QGeVouaZ%2Fmq1YJDEtYpIBshZDtKLlX81j4EsP0gWAi%2BizWxgapCBvsgiBLL65MkTpaUm%2B1I2zgxZgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e7ad81b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
104.21.7.3 34 kB URL c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040 HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:42 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6SO9AzlDn0BOpZTb9jrG5HQ%2B%2BhqRgNwGZIuzrvEU3pchjQI42CdORt%2BYOAiksvP%2FE2fTYi27M5XjVIxsoar5gf%2Fk66HzM9wCdYJccn4HV%2BepA%2BU3qONRY1LFG9eW%2FuZfQggKyJ9Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5a93ea695eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.35 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 131940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d.crystalcrafter.top/ph-new/assets/thumb-big.jpg
104.21.7.3 83 kB URL d.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Hash cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7118
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA5mJN%2FQThEVxSm2jlrHQgUJIM2P4kyj%2FJw0HUZqY%2F4uYaui6q6LIUUGGwNne6SNhicRkLQHxR0hQZLl7Qcm8zhNnqIK%2BcoUcwTiIfHIKEAPsjW622XJjZ8lB%2FrcGjl%2FdHBHjzihwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93eebf2cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/favicon.ico
104.21.7.3 0 B URL d.crystalcrafter.top/favicon.ico
IP 104.21.7.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 11 May 2023 12:55:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1139
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXOVHyfk9hWZQfS5wbEdp1s0yNYmYhwfTfwdCq26mh4VI45w%2Fd%2F%2Bzpbvap%2Bww%2BEAjqerCYNE%2BWI9q4b7%2B1x3vgSjs6UfHSwZAp4K9iJGd4Cipk3%2FVrPfTAoZQDIfEEdyHa8jSfnXbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f0190fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
142.250.74.35 6.8 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (21158)
Hash e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 06:18:54 GMT
expires: Fri, 10 May 2024 06:18:54 GMT
cache-control: public, max-age=31536000
age: 23809
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.35 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 131941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d.crystalcrafter.top/ph-new/assets/rec-1.jpg
104.21.7.3 14 kB URL d.crystalcrafter.top/ph-new/assets/rec-1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/rec-1.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5879
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mP3yCChH3wGJjnU4kJC8tdmTngEQ1%2ByTjzidyKgbXzbihwGslo267nzKIivw3ImM7U4nmEUVxjwdOcbcDtEwGesf1rYCxgnSc2MABtIWiX2nqeojNnGOjctzL1OztmEwC%2Bbduj18RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f26c06b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-2.jpg
104.21.7.3 11 kB URL d.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5879
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjpU9LRIlerzzLF9NbTt%2BnZniZy%2Bso3BLVSLjoRORiQAa7Xpy4i2uuZlwdll2XF0UOU03NodN5Mm1lfU1twQPPjgh5oeLTXZG%2FNTT4wy3TnS8AcFkJDD%2F8jvYic81gtp3Ov1JroKJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f27c0db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-3.jpg
104.21.7.3 15 kB URL d.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5879
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZvywhV2mPSLKvoRVUnAuS4usLvLUze6H6UPJNt4X0XEEqKenr0Ww59IIC08FaXwzQDZyGcGRoepHbu3UnRLek3aFpFWD%2FHfooRt0AiT97CK3SY1wqFN10Wq%2BMt4SJK1%2FRXv0kLwRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f27c13b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-4.jpg
104.21.7.3 8.9 kB URL d.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483
GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwCWENASX19DwLmZxE99SP2a1rUaEaNC759RVgu39nhJWV1XD7Rzz49qIoTEMqq9hDFaqyPqPWtYW%2FVfyi84yo0wHfndL7AMvjor8KtN%2BD059OQpZdkqC0BpD3hSvfE1uZn6wSeU8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f28c24b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-5.jpg
104.21.7.3 13 kB URL d.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTja2oj3bVNOhn3dQhWeS0IuPI%2Fs6Oi0DbkbJJxAd4tK8M6Mveax7Pu5Mz%2F67yS5yhRWHKE9F%2FUOvE6X5L146wVO7H9%2BTXDoTEsSxR7tm33VTg7nYXGiRw1RTzxLRDtHMYVIS%2FKtqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f28c29b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-6.jpg
104.21.7.3 16 kB URL d.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773
GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wo45U2IIpCgnFJTKZCUIQ6uNrS1zVxaDyzWzZYz%2BB32H6%2B2m3jXC3334aOzOPcEc2%2BIwr6j6dIYxXIlfTdUvt9LAAeuxKBq3GZEmAsn9UyxEn1ShQB%2F7uI3e4n7em9PvyREoQxXAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f29c2eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-7.jpg
104.21.7.3 14 kB URL d.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cq73RqkJUDsU48sxP47KzZUP8f8Gq3BHwq4b1dGE0rP7OhaTFPlohm9V3LfkYYhEq4fheu6FacQ7FtipDvVITfOfoiP7lUvlso%2FsjRq%2Bzsf82CCG%2BFIjXqMSYU0XUwom2Dx4e3%2BOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f2ac43b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-8.jpg
104.21.7.3 13 kB URL d.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHoH7wQ3qVeEbZv%2BpxUOAMtad4V49%2Bwxg2tt4J9t%2FpYzaxef8d%2Bs2yYgNtFiWqaXYOrMgChn1VZvASwDANLfEILg%2FCxOwiv7qiY533eZhvq4Sy6h0C4tyqrLmvUxZQAUAdHC59oMaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f2ac45b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
104.21.7.3 41 kB URL d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HvjAQykO%2Bn0hJCClCE6ua%2BDLI7rGug4G%2BLKkS7CwrM0A3oyqCVEiKlYIQXTOAAmWkjgSsU11cKWeQ33NBVZxVe96YSCDXNMpjYHp9om4YzE3%2FsgXkovKPX1qor%2Fp3aWyz2c6GaYOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5a93ededf4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/style.css
104.21.7.3 31 kB URL a.crystalcrafter.top/ph-new/assets/style.css
IP 104.21.7.3:0
File type ASCII text, with CRLF line terminators
Hash 807d696b86114245f8eda3dce43f61ff
6d65ffaf8ec2107db8f1d29c410f152a8b809a56
7524af6d5f36df3e5d5c8148bc63e3956de050fa262fc0589e2a58dc606977bc
GET /ph-new/assets/style.css HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-5f33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtsjI6H3eEzR2hIcQf%2BY8vlNmYEnLHqCCObCs6Z8yybggwWRWGEa%2Bi4omVn8z7Oqr%2By4oVh6gvdwREL%2Bo4tyArptfLxb2fC9MTBYK8NeffFXLK50u%2F1ImKsb1hK%2B%2FesK%2Fk3JG3PlZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e45913b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/1.jpg
104.21.7.3 14 kB URL d.crystalcrafter.top/ph-new/assets/1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/1.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5858
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3rGnCtx%2FYG%2Feq21CoSH77l36P0ks6AQSYFUSxlje1CnUBaFYyrifDedKCuwxNDpwrhVUD4EKuY9vzV69aOEb2i%2FPcv05P1kzEKnRh%2FpYuJ%2Fp8ceGRgQVSC4yqidZvDpGx8tY9irbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93f2bc70b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
104.21.7.3 26 kB URL d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
IP 104.21.7.3:0
Hash 11b9b62668ec7abae25dcb03ff733b02
91d97c88aa3e74f64df1c61b0cd273886d1ae87b
4a645b6feef4cb58811bf5b1f08d954bed82afc2fa2322eedcc8c19e85c0b078
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:43 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP3TtiGLXlQyM8XHFRDGQ5Yfb0%2BDocsL0nr3pQyS5u0AfCUdVpecywTBg%2F17Ghx2OK8VMvtMBSy6ZdW6gf80snCDpep9dhORaV58McmnS5122GKhjBuke9N4%2BqRQsfZcT6EJ5u5gig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5a93eedf71b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
104.21.7.3 28 kB URL c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040 HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&hash=jvBbXCHTgr_BYRfMW8SEfA&exp=1683810040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:42 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1yjyVc3NJ%2FVbooH3CJXE9IDV3OTSTjNPEh4oWBlDHJ5QsJ1B%2F38NjDDGZDTiFVAvkQld1dXKbVV1XhmZYvHhqxvFaSntduOrfvrgo2elk2o9OAeYX8fpWeE5e16zqpJbQwBHn%2BONg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c5a93eb2a5bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-dimi.akamaized.net/landings/277386/1674482702/css/style.css?1674482703
88.221.27.128200 OK 3.0 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/css/style.css?1674482703
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash c0e91ee9eeac065a145dea1b96ebfd1e
6b6d48177a222b18dc1de0ff775de8f6cb963431
daccaf7e9b15704dc69729967a3be708994fff4d7b6c3f63f17b9d37be32cdc5
GET /landings/277386/1674482702/css/style.css?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: iOgibq5bwefJNmBXigm/qdf31H9uHOKWbNj1r4p/15+8eEKl+gz6QF7Oq9nqECsCF/0ArpYr5Z0=
x-amz-request-id: 6GM9SRD41YNSD1QV
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "c0e91ee9eeac065a145dea1b96ebfd1e"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 11 May 2023 12:55:44 GMT
Content-Length: 2985
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/css/popup.css?1674482703
88.221.27.128200 OK 635 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/css/popup.css?1674482703
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type assembler source, ASCII text
Hash 5a61d45142ce5764a2b36dc75343fcd5
c44070187c0c8cec4de3aeeb8151f435c2280036
2b2e25e182e13fa2e4da12040c95d9847871400a9f3e258439620499cf287a8c
GET /landings/277386/1674482702/css/popup.css?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: bv87+9sEAgmF+9LmuaJa+60f+HCwvQ7gaxcSgupAnxavvLT0mzlVWXHwU9nfTHQNVV6BjRfVYJc=
x-amz-request-id: KPETMBYZ91Z3NR3T
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "5a61d45142ce5764a2b36dc75343fcd5"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 11 May 2023 12:55:44 GMT
Content-Length: 635
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
172.67.169.207 4.5 kB URL js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
IP 172.67.169.207:0
File type ASCII text, with very long lines (2612), with no line terminators
Hash 0dba333948dfafc2c7425b4aadf8185d
9cd6d970a6bd52e0e8e54f8ad0e80ab13da7fc13
aa5200ce8a6b9c60f852ae45a468b47860a65f0b53e2824ef63c71db9157cef2
GET /ps/pl.js?edg=true&fullscreen=true HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Cookie: __psu=242ce059-3b51-436e-9c21-441468b37bc9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:42 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Fp1sI1%2BeC69mYG0thQTNd4odVcbrCaTnMeis0yjME4Z8dKoagL1Q7m4YB2NtwMrOO8sdjuTidwU4LtC1HqWUKcpVKMfMAE6jKqU47sZKYEnbc8Ss2VXifLN261iJSgjwFcN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93eb5d6db50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-dimi.akamaized.net/landings/277386/1674482702/js/function.js?1674482703
88.221.27.128200 OK 688 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/function.js?1674482703
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash 5da2c51949f2a873bf0091a104658e72
89d122a536af95bd4183de41fa10e6947c9806e8
80a1aae3b07ee310419c80f52fb2f179bfebc74bf46598bc6b041455feef3201
GET /landings/277386/1674482702/js/function.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: /ugpl+ZA0b1doH5/3yLNYwjDAKG/jKCtMJkzvxvpvrzZL79aKEU2JjkQrEnyWNag7GXqsU0g1LQ=
x-amz-request-id: PQS3MC6QJD41C01W
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "5da2c51949f2a873bf0091a104658e72"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 11 May 2023 12:55:44 GMT
Content-Length: 688
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
172.67.169.207 33 kB URL js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
IP 172.67.169.207:0
File type ASCII text, with very long lines (2612), with no line terminators
Hash 0dba333948dfafc2c7425b4aadf8185d
9cd6d970a6bd52e0e8e54f8ad0e80ab13da7fc13
aa5200ce8a6b9c60f852ae45a468b47860a65f0b53e2824ef63c71db9157cef2
GET /ps/pl.js?edg=true&fullscreen=true HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Cookie: __psu=242ce059-3b51-436e-9c21-441468b37bc9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVf%2F3vw02bRBqECqeBcASsoJJ9tGirL%2FaHpFVt40SyensBzE5Dd4nH5fj4LIMGZdNqKI5nOU0Y2Pn81mejW5y0XJwGob3wOr3N05c2ZxiekWdfgj1deaP02dPoQAjtPuqFQt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e46be8b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-dimi.akamaized.net/landings/277386/1674482702/js/tn_pHash.js?1674482703
88.221.27.128200 OK 252 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/tn_pHash.js?1674482703
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash 3544c08851825a863747a126548d6993
01882998e61b9f93d5f346386fa633f6b8d95b2d
9804b1c7443db74b2d7fe81cf11d84c8f0d9a7dee281b4fe8c15552bdc7eed69
GET /landings/277386/1674482702/js/tn_pHash.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: RKQIuPs47jw+GgV2YdzWtFHlInC0b1aKeP34MEdhK5mIMAIi06KYslboBYE8MYcQk0fLCThqxAk=
x-amz-request-id: 9VNGXFK5QS5WRCK2
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "3544c08851825a863747a126548d6993"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 252
Server: AmazonS3
Date: Thu, 11 May 2023 12:55:44 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/js/title_tanslate.js?1674482703
88.221.27.128200 OK 1.3 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/title_tanslate.js?1674482703
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 5f373fa5bf21c44b9ad23b70ef96e73d
068ef5b63ab18924a286f2c0c3ec46545e08c678
7f40bc2c95ee280de5320ae7d33f2e57eeeb0cda5b5820f2c456a0c9ba50ed77
GET /landings/277386/1674482702/js/title_tanslate.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: womzwfdvfx122HJC0dkG0vHaksbMgIvli2lULFltXAz+5rgXrN7rmt336XJc+hVlIHRzOUBFSVk=
x-amz-request-id: 9VNRHSM75H7FXJE5
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 11 May 2023 12:55:44 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/js/jquery-2.2.4.min.js?1674482703
88.221.27.128200 OK 30 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/jquery-2.2.4.min.js?1674482703
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /landings/277386/1674482702/js/jquery-2.2.4.min.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: g0wEjRbeH4tQ2F6XZ6eWOYGJi3wq/1gm9Kh41qYfI2gKqV/7B6qWVpgtkKR5XQNvRcnILDnk9Xo=
x-amz-request-id: K8AFWKA9RCF1DXHJ
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 11 May 2023 12:55:44 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/logo-white.png
88.221.27.128200 OK 9.5 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/logo-white.png
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 300 x 124, 8-bit colormap, non-interlaced\012- data
Hash 27a8fdccc08741c52422bd4852f87c3a
b103730d95829f64c0746b97a85e0ada4f6c18a2
7afbc6f7cb728a9b4dfd7791a8207c60bdd255ea2f00ba12880bee15f7fbdff0
GET /landings/277386/1674482702/images/logo-white.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 88wUEndrDOVjhFDoJFuImNKhB1vuAo0EPKK1v0j+XWtpjdZgrqXQzMAcudO4WTDX7q7XpMg0zrg=
x-amz-request-id: G2MAJFMWPEEEC571
Last-Modified: Mon, 23 Jan 2023 14:05:05 GMT
ETag: "27a8fdccc08741c52422bd4852f87c3a"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9461
Date: Thu, 11 May 2023 12:55:44 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/logo.png
88.221.27.128200 OK 41 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/logo.png
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 1024 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash c0647e470e90e4e76c886ef3f4c651ac
fe1dd72ac0432bd8f261672c7c336cf902503d3c
1d4ad487984a8f689c904f3c2532f034b03d361c081dae581752cdc20d983037
GET /landings/277386/1674482702/images/logo.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: saaPX+6fCw1usaKklFw/lLXMWpDahD/h8HepIyRfp7tUjVa7nFU3kzNWR8/Kzs6O4Gu2cP8tbQI=
x-amz-request-id: 40R9FR8B9BMRDAP2
Last-Modified: Mon, 23 Jan 2023 14:05:05 GMT
ETag: "c0647e470e90e4e76c886ef3f4c651ac"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 40774
Date: Thu, 11 May 2023 12:55:44 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/1.jpg
88.221.27.128200 OK 62 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/1.jpg
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 900x1280, components 3\012- data
Hash 765620bf3d6dcdb5495b70409b6b4ba8
f4a00a38ca93130e5e0398deea0ba2f928e2172b
e0d65a21b743f7fe6de2f4bd57316546e7f30c7810740d68322a44dfe3004373
GET /landings/277386/1674482702/images/1.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 0IGyT7tlwD+javoqF5rupwK8gjGVk52VprSOJLiY//EhvaPsm5EfkLCuvSE+02Fsv8gqBo8Z6P0=
x-amz-request-id: VE9X02YRNZABFEV2
Last-Modified: Mon, 23 Jan 2023 14:05:06 GMT
ETag: "765620bf3d6dcdb5495b70409b6b4ba8"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 62164
Date: Thu, 11 May 2023 12:55:44 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/110010_2.jpg
88.221.27.128200 OK 29 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/110010_2.jpg
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Hash 2b8ac4e50a5bbbe4e6ea964bec7f3086
5486267315a7cd9eca01fa2fc6007060189c8b4f
8f700ae9dd68bd1130d528b77e1de92b4945e036060fdb01a02ccc148ab24ab3
GET /landings/277386/1674482702/images/110010_2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: S10dPOpyBqY7oQzqzXfrZlfoHTUh6afcFTek1SEhaCO5C4zowvEWBZApe9rkVvRTn0os/h31WsI=
x-amz-request-id: 40R8K5Q3GPVDKC89
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "2b8ac4e50a5bbbe4e6ea964bec7f3086"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 29319
Date: Thu, 11 May 2023 12:55:44 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 730c274b5b712b90e34214ebc6644b46
a5f30db77c6b99a1926407426ffcd829ecf32529
ef2ede10f3c7aa6892aac44d7758e7b6ed4645349d4fc488ad7b8c53cae44b95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 11 May 2023 12:55:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 730c274b5b712b90e34214ebc6644b46
a5f30db77c6b99a1926407426ffcd829ecf32529
ef2ede10f3c7aa6892aac44d7758e7b6ed4645349d4fc488ad7b8c53cae44b95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 11 May 2023 12:55:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 730c274b5b712b90e34214ebc6644b46
a5f30db77c6b99a1926407426ffcd829ecf32529
ef2ede10f3c7aa6892aac44d7758e7b6ed4645349d4fc488ad7b8c53cae44b95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 11 May 2023 12:55:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oxbnr.datingllfe.net/ortb
63.32.216.166200 OK 29 B URL POST HTTP/2 oxbnr.datingllfe.net/ortb
IP 63.32.216.166:443
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerLet's Encrypt
Subject*.datingllfe.net
Fingerprint6E:78:51:54:0A:09:30:E7:C5:F3:45:BA:E7:E2:0D:49:42:4D:92:C5
ValidityFri, 28 Apr 2023 08:34:28 GMT - Thu, 27 Jul 2023 08:34:27 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c453d1e33844d14bbd7ec2846eb408f6
b934f52ed7fbed0cee5874cb0fcafdd1cb450fcd
2b159267580e469b4eed0aaf47253e353fdf727043d52d969bd85cbff7fd4a1a
Analyzer Verdict Alert fortinet Phishing
POST /ortb HTTP/1.1
Host: oxbnr.datingllfe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 330
Origin: https://oxbnr.datingllfe.net
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/?s1=43431&s2=1106323&s3=&s5=backuser&click_id=&iexpp=1&j1=1&j5=1&utm_source=da57dc555e50572d
Cookie: unique_id=645ce5cf0007c58a; unique_id2=645b9f510009be53; 645b9f510009be53_c=1; ref_token=43431; 645b9f510009be53_sl=[277386]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 11 May 2023 12:55:45 GMT
content-type: text/plain; charset=utf-8
content-length: 29
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 47272cb076c77e164e7570dd49d90025
0039db810fa5c031bdab6e71925d197e50906041
c87f1232b211dac41dd77de133a3017154e0d47ce5aa864a782b725a3b0f9b7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 11 May 2023 12:55:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 47272cb076c77e164e7570dd49d90025
0039db810fa5c031bdab6e71925d197e50906041
c87f1232b211dac41dd77de133a3017154e0d47ce5aa864a782b725a3b0f9b7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 11 May 2023 12:55:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.3200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.3:443
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbnr.datingllfe.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 03:11:48 GMT
expires: Sun, 05 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 467037
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
172.67.169.207 30 kB URL js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
IP 172.67.169.207:0
File type ASCII text, with very long lines (2612), with no line terminators
Hash 0dba333948dfafc2c7425b4aadf8185d
9cd6d970a6bd52e0e8e54f8ad0e80ab13da7fc13
aa5200ce8a6b9c60f852ae45a468b47860a65f0b53e2824ef63c71db9157cef2
GET /ps/pl.js?edg=true&fullscreen=true HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Cookie: __psu=242ce059-3b51-436e-9c21-441468b37bc9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:42 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjv%2FvWltOkL7frjqHdusYbJSySIRte4T8573XKymMxgWL7h6ahuj%2F3766gFkdOP8Yx882mN4DyKWtcpJKhYnrFbrSXnvou%2B3yfOMquNkH%2BW%2BuxctjxKvjx4AJTt2tmf67bAM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e7d884b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
feed.streampsh.top/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
172.67.169.207 4.3 kB URL feed.streampsh.top/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
IP 172.67.169.207:0
File type ASCII text, with CRLF line terminators
Hash 94d0d575f775178a35588e080cfceef5
5dc7578ef1009f4435b49e8ec2020da3c8bea73d
39ab43d2c92eea10c3f21f346f4a137987f99da1efd496ddd3f132d166244e3d
GET /ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA HTTP/1.1
Host: feed.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Cookie: __psu=6ddde9b6-0a9d-4552-a7f2-a1c09f724771
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:41 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2Fu080vRZ3Wflh59vAasivp7YllN9my28VmKv7LJvx8pTVe%2F7HW1i7S65oZqZhfmhdMa6QXwSrbc402Bp7jiyOG%2B5yaLdjIuAPUoh4cR1Zd%2BOWHpy%2FIU2wz5gN6NaJoktU6ygm4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e5bdf5b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-dimi.akamaized.net/landings/277386/1674482702/images/favicon.png?t=20230511125543
88.221.27.128200 OK 4.1 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/favicon.png?t=20230511125543
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 40a54c3ecf143b64096b063ff793fdbb
017eafffc5e55226a2aec0dd3c03f1b6130a6bab
39b439471019cb16f819e05166d23492593310fd55cce8471062d8f2dc5de423
GET /landings/277386/1674482702/images/favicon.png?t=20230511125543 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Rfspv8gcrUbdk91V4hkf0D5j2kxpCzqU6vPK2X1EPgTgzP2N+V97ZctRCurJCmL183Q6zyzLArI=
x-amz-request-id: S9G7NM7MNVV1FP6D
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "40a54c3ecf143b64096b063ff793fdbb"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4093
Date: Thu, 11 May 2023 12:55:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&appspot=
172.67.169.207 112 kB URL js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&appspot=
IP 172.67.169.207:0
File type Unicode text, UTF-8 text, with very long lines (23359), with no line terminators
Size 112 kB (111587 bytes)
Hash 0ebad74722b940ac15fc2fe8612617a8
5a7595bb7eb3215aaece1b18c0b1e0925c944907
eeb7ac95d81c4796d60a9fced50398c4e8044f67498ada36222c20a59935779e
GET /ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=db399d8d777fb105ddeba94748ebdaf7-11246-0511&sub_id=parkdom&appspot= HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Cookie: __psu=242ce059-3b51-436e-9c21-441468b37bc9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 11 May 2023 12:55:42 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBe5HcblRJKY43dnO0FrufmILMMlUGxigOVfQsWFMInoOEmcSqJCMUE7T%2F0LqlkwZ4cvlOK8LUHe7%2F9coNHoRVXlocGro6vm9AR6R%2FDLbNuiTaiHk1%2B7S%2FyYQtRTbljqJyHW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c5a93e85927b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-dimi.akamaized.net/landings/277386/1674482702/images/3.jpg
88.221.27.128200 OK 150 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/3.jpg
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1108x1280, components 3\012- data
Size 150 kB (149812 bytes)
Hash 8ff03d86c53d978e5527374b5bcd5114
2b63b0853d74e24d74d26dbf9622c407e3c74ea9
10dedae19a11a0cf1cea2db4646bde720e63e35140f38ae3453fa2a4e4649e1c
GET /landings/277386/1674482702/images/3.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Xirc4fkz0JOSaRS7VBS3M8nzLP7O9RnlkHucQpuinBkelD+B+7nBZr41dGSTLSs2/GCSrwUj0pg=
x-amz-request-id: XJSRKQFA4YQZWMJS
Last-Modified: Mon, 23 Jan 2023 14:05:06 GMT
ETag: "8ff03d86c53d978e5527374b5bcd5114"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 149812
Date: Thu, 11 May 2023 12:55:46 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/1.mp4
88.221.27.128206 Partial Content 1.6 MB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/1.mp4
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 1.6 MB (1560164 bytes)
Hash 379ddec6d7d6e118bd7565d1c83dbb90
16becb1b44f3f35b0fa239668901338cba6eff06
5635dd2c6c23dfdc3e4eb82afc4231a27e8522ec332b8568a3fc7ae8755fec94
GET /landings/277386/1674482702/images/1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
x-amz-id-2: 1Ax9N+Cfw91vDfS7SxXRZKuE+o4c4UcnjyTZdFm9/oi70hWYxtxdgby+ENQIv8dZ+MsudWMhl4o=
x-amz-request-id: FBRABVME30ZYGQHT
Last-Modified: Mon, 23 Jan 2023 14:05:05 GMT
ETag: "379ddec6d7d6e118bd7565d1c83dbb90"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Thu, 11 May 2023 12:55:46 GMT
Content-Range: bytes 0-1560163/1560164
Content-Length: 1560164
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/2.jpg
88.221.27.128200 OK 103 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/2.jpg
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 960x1280, components 3\012- data
Size 103 kB (102832 bytes)
Hash 3b8b455b24c71ae1f928266241e9517e
8b98ca60c92b83e039c3b996f090883ed8b7ca75
c8d05f7eda85f68f0a08307eeee4e481282fda95570dd53f300b8aadd4f504f6
GET /landings/277386/1674482702/images/2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: hODAwaxhhoNUzaw+wGQIdlKGG1r6rlm0Gl11mKPn3J7w0gqE64598E1ANjtxBygXrh+DY1h3pjY=
x-amz-request-id: JTW6JJFVF42X0DH8
Last-Modified: Mon, 23 Jan 2023 14:05:05 GMT
ETag: "3b8b455b24c71ae1f928266241e9517e"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 102832
Date: Thu, 11 May 2023 12:55:46 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
142.250.74.106200 OK 6.8 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
IP 142.250.74.106:443
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type ASCII text, with very long lines (7013), with no line terminators
Hash 49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09
GET /css2?family=Roboto:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 11 May 2023 12:55:44 GMT
date: Thu, 11 May 2023 12:55:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
142.250.74.106200 OK 3.8 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
IP 142.250.74.106:443
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type ASCII text, with very long lines (3864), with no line terminators
Hash 614d0444eb71829995cb071257548a03
f40117d12bea2fade0d15f71577e9b1e4055bfc8
91a5302a57c4125e14bad34dd8e7be1a9c6a34d03ab7d85a2f22e1482ede7a02
GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 11 May 2023 12:55:44 GMT
date: Thu, 11 May 2023 12:55:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/277386/1674482702/js/vegas.js?1674482703
88.221.27.128200 OK 12 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/vegas.js?1674482703
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (11568), with CRLF line terminators
Hash 9acc66fdf18dea05bd75165eb5a96259
f613c52a08155727d4f07536d7bc8df5b6fa0c84
4941450491d73ab79ffb428e660c4cb581acbbad86edf8e943211ea51fe3a6c1
GET /landings/277386/1674482702/js/vegas.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: cnTKYV3j0ttH5Z4Sqnkq1TLYPTTKf16p6n7Tcz4Ajrk8GfHWfG08uqKcBGtoz81yZIyzVkp8T7k=
x-amz-request-id: K8ABFAWS7M4M20TR
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "9acc66fdf18dea05bd75165eb5a96259"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 11 May 2023 12:55:44 GMT
Content-Length: 3401
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
63.32.216.166200 OK 34 kB URL User Request GET HTTP/2 oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
IP 63.32.216.166:443
Certificate IssuerLet's Encrypt
Subject*.datingllfe.net
Fingerprint6E:78:51:54:0A:09:30:E7:C5:F3:45:BA:E7:E2:0D:49:42:4D:92:C5
ValidityFri, 28 Apr 2023 08:34:28 GMT - Thu, 27 Jul 2023 08:34:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (920)
Hash 9d44e504a1e171b49fe1352d8fde695e
5e3c22d2c266f912432da77bc1819eaf0ac083a0
0e315ced3d47bd004f4863c101989ada8576fc55ad156828f10abee40c51f167
GET /?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1 HTTP/1.1
Host: oxbnr.datingllfe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 11 May 2023 12:55:43 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=645ce5cf0007c58a; Path=/; Expires=Mon, 10 Jul 2023 12:55:43 GMT; Secure; SameSite=None
unique_id2=645b9f510009be53; Path=/; Expires=Wed, 09 Aug 2023 12:55:43 GMT; Secure; SameSite=None
645b9f510009be53_c=1; Path=/; Expires=Wed, 09 Aug 2023 12:55:43 GMT; Secure; SameSite=None
ref_token=43431; Path=/; Expires=Sat, 10 Jun 2023 12:55:43 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Thu, 11 May 2023 12:55:43 GMT; Secure; SameSite=None
645b9f510009be53_sl=[277386]; Path=/; Expires=Thu, 25 May 2023 12:55:43 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/277386/1674482702/js/translates.js?1674482703
88.221.27.128200 OK 28 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/translates.js?1674482703
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /landings/277386/1674482702/js/translates.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.datingllfe.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: TIW3vRFhKm0yCOx8VQ93CAm5ZLwnxLU8dQXppKANNofjPZl8kwWFGfOniviPbWsAJbMVgRtfaBs=
x-amz-request-id: K8AD9DT85B3KC9GP
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "07cee83d1be10af1ca991d1c60abd6e2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 11 May 2023 12:55:44 GMT
Content-Length: 10048
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.3200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.3:443
Requested by https://oxbnr.datingllfe.net/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbnr.datingllfe.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 07:44:41 GMT
expires: Sun, 05 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 450664
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2