Report - beelinn.ru/kkNV6Sk1?cost={REAL_COST}&sub_id_1={HSITE2}&sub_id_2={CAMP}&sub_id_3={REGION}&sub_id_4={COUNTRY}&sub_id

Report Overview

Submitted URL
beelinn.ru/kkNV6Sk1?cost={REAL_COST}&sub_id_1={HSITE2}&sub_id_2={CAMP}&sub_id_3={REGION}&sub_id_4={COUNTRY}&sub_id_5={NUM}
IP
185.198.164.116
ASN
#21100 ITL LLC
Submitted
2023-05-25 06:47:08
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
azkcqs.com	22208	2021-08-04	2021-08-04	2023-05-24	559 B	184 B	185.162.85.20
ecrwqu.com	577459	2021-11-09	2021-11-09	2023-05-24	552 B	2.4 kB	185.162.85.14
beelinn.ru	unknown	2023-02-09	2023-05-23	2023-05-25	578 B	440 B	185.198.164.116
s.viiyblva.com	unknown	2023-01-13	2023-05-16	2023-05-24	3.0 kB	20 kB	31.220.27.135
alvsx.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-16	10 kB	328 kB	104.21.7.3
js.streampsh.top	unknown	2022-11-18	2023-05-01	2023-05-25	1.6 kB	34 kB	104.21.27.231
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-24	666 B	1.4 kB	142.250.74.131
b.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-25	693 B	16 kB	104.21.7.3
www.highcpmrevenuenetwork.com	unknown	2022-12-23	2022-12-23	2023-05-23	1.1 kB	1.1 kB	173.233.139.164
d.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-25	8.9 kB	238 kB	104.21.7.3
goto.trackpshgoto.win	unknown	2023-02-17	2023-02-19	2023-05-22	592 B	1.3 kB	20.113.188.243
a.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-25	2.6 kB	186 kB	104.21.7.3
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-24	2.2 kB	55 kB	142.250.74.35
c.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-25	1.4 kB	179 kB	104.21.7.3
arpfam.com	unknown	2023-05-10	2015-04-21	2023-05-25	584 B	125 kB	185.56.234.205

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-25 06:46:52	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-24	medium	ecrwqu.com

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (56)

URL IP Response Size

beelinn.ru/kkNV6Sk1?cost={REAL_COST}&sub_id_1={HSITE2}&sub_id_2={CAMP}&sub_id_3={REGION}&sub_id_4={COUNTRY}&sub_id_5={NUM}

185.198.164.116

0 B

URL
beelinn.ru/kkNV6Sk1?cost={REAL_COST}&sub_id_1={HSITE2}&sub_id_2={CAMP}&sub_id_3={REGION}&sub_id_4={COUNTRY}&sub_id_5={NUM}
IP
185.198.164.116:0
ASN
#21100 ITL LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /kkNV6Sk1?cost={REAL_COST}&sub_id_1={HSITE2}&sub_id_2={CAMP}&sub_id_3={REGION}&sub_id_4={COUNTRY}&sub_id_5={NUM} HTTP/1.1
Host: beelinn.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 25 May 2023 06:46:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://arpfam.com/video-16?h=waWQiOjEwMDk5OTIsInNpZCI6MTE3ODY3Mywid2lkIjo0MTA3NzYsInNyYyI6Mn0=eyJ&clickid=1sisi1aflqnr&si1=%7BHSITE2%7D
Pragma: no-cache
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1009992&st=1178673&wd=410776&d=arpfam.com&tpl=89&rnd=0.8321295061581284&sbid=%257BHSITE2%257D&sbid2=

185.162.85.20

0 B

URL
azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1009992&st=1178673&wd=410776&d=arpfam.com&tpl=89&rnd=0.8321295061581284&sbid=%257BHSITE2%257D&sbid2=
IP
185.162.85.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rpe?a=1&s=1&act=17&src=2&p=1009992&st=1178673&wd=410776&d=arpfam.com&tpl=89&rnd=0.8321295061581284&sbid=%257BHSITE2%257D&sbid2= HTTP/1.1
Host: azkcqs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qxm73.arpfam.com
DNT: 1
Connection: keep-alive
Referer: https://qxm73.arpfam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 25 May 2023 06:46:51 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecrwqu.com/cuclc?aid=13866483754327360834&t=1684997211&s=198

185.162.85.14

1.2 kB

URL
ecrwqu.com/cuclc?aid=13866483754327360834&t=1684997211&s=198
IP
185.162.85.14:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1163), with no line terminators
Size
1.2 kB (1163 bytes)
Hash
1f843370935a243f7f3d4d6fa238ec26
b10a32cfe2f32e7f94b05ce459c15da1fb07a877
90f306f6026ee372aaca604b0ce45cfeef662deedc6c2f72a4840368ffaf0e0d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cuclc?aid=13866483754327360834&t=1684997211&s=198 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qxm73.arpfam.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0
date: Thu, 25 May 2023 06:46:51 GMT
content-type: text/html; charset=utf-8
content-length: 1163
location: https://s.viiyblva.com/h/1524/m2nuuqm24v4vvugdulcho45o3czmfy7mwn3uuwsconaeamdvezctzc6d6xbhcbjc2bl3yso3kl5mwuhuk2n4u562gpzpf6gq6cm4zkzmtbfcnclw36l6f7slwjzod27h6bd5oqnz46tz25pcpjjnusdmbar6aslbvr2w2ssingmea4vdgrgkarswynzltdunop5hxgu46vxym34nyxxmo5n7jfff6sm2oc7ozdwfjw3uby3xriyxh4t4rp4pntkazzkfc6cxj5mxg4lbpjzueyagpbxx2y3xi5bfibsli5aggsp2njdy4vcj2fwy62k2ybjututwkismwwsm7p4iw53stcgfiycrkbrdmtamwzbsdcdqyvfz5jsa6jzj7mcfwbcydm3zr5rrcei4bzteekc6emgwe6d4auiqw43qgn7xwstea54w6jleofbumwyhcajr3udsjptejqhlwff7s5lz65fed74tjoldjt7qx5xzm43c2xruvat2x76mdiebzh7metedotrewibchqzes7azfi3taodnaudqguizaiftqfzfdiuuejzce5hemwandqyc27iqgjnt2zlsmr5umq2qcqarwdbvjv5vu523m5zhawkclj4hyytqobdxkvjmfqqtaladbrpqgr2ejb3bgji5gjiwazlzkfdf63bnfy6coaj5k4qqoljtpyjbwfaeiaieqnirpboxgcbwfvyfses2onywc6lwiqzak73ko5xhmeyua4uei6dsmncx6xd6lnrhq7czm7vkjdozu35ondx4jrymja5lvnydfnxzxx4vokgkyth2cwzl5l6yvp5qw6u3pplshm2w62kmz5hwwxakiydaeqt7l4xrqjyige6rmeiydu4ronjyeekqyvzjfuucghcairkqurcfjn7bgjido2cvoy2lkgwol5xlkbzgq62sf2n2qtdxr73x2t3ahpx4ezpxre6hyvkqjnescxoedh3rpptkf66emfispmpvoilb?u=
X-Firefox-Spdy: h2

s.viiyblva.com/cnt/api/index

31.220.27.135

0 B

URL
s.viiyblva.com/cnt/api/index
IP
31.220.27.135:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cnt/api/index HTTP/1.1
Host: s.viiyblva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3155
Origin: https://s.viiyblva.com
DNT: 1
Connection: keep-alive
Referer: https://s.viiyblva.com/h/1524/m2nuuqm24v4vvugdulcho45o3czmfy7mwn3uuwsconaeamdvezctzc6d6xbhcbjc2bl3yso3kl5mwuhuk2n4u562gpzpf6gq6cm4zkzmtbfcnclw36l6f7slwjzod27h6bd5oqnz46tz25pcpjjnusdmbar6aslbvr2w2ssingmea4vdgrgkarswynzltdunop5hxgu46vxym34nyxxmo5n7jfff6sm2oc7ozdwfjw3uby3xriyxh4t4rp4pntkazzkfc6cxj5mxg4lbpjzueyagpbxx2y3xi5bfibsli5aggsp2njdy4vcj2fwy62k2ybjututwkismwwsm7p4iw53stcgfiycrkbrdmtamwzbsdcdqyvfz5jsa6jzj7mcfwbcydm3zr5rrcei4bzteekc6emgwe6d4auiqw43qgn7xwstea54w6jleofbumwyhcajr3udsjptejqhlwff7s5lz65fed74tjoldjt7qx5xzm43c2xruvat2x76mdiebzh7metedotrewibchqzes7azfi3taodnaudqguizaiftqfzfdiuuejzce5hemwandqyc27iqgjnt2zlsmr5umq2qcqarwdbvjv5vu523m5zhawkclj4hyytqobdxkvjmfqqtaladbrpqgr2ejb3bgji5gjiwazlzkfdf63bnfy6coaj5k4qqoljtpyjbwfaeiaieqnirpboxgcbwfvyfses2onywc6lwiqzak73ko5xhmeyua4uei6dsmncx6xd6lnrhq7czm7vkjdozu35ondx4jrymja5lvnydfnxzxx4vokgkyth2cwzl5l6yvp5qw6u3pplshm2w62kmz5hwwxakiydaeqt7l4xrqjyige6rmeiydu4ronjyeekqyvzjfuucghcairkqurcfjn7bgjido2cvoy2lkgwol5xlkbzgq62sf2n2qtdxr73x2t3ahpx4ezpxre6hyvkqjnescxoedh3rpptkf66emfispmpvoilb?u=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.23.2
date: Thu, 25 May 2023 06:46:52 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://s.viiyblva.com
X-Firefox-Spdy: h2

goto.trackpshgoto.win/15GTfe?camp=638762&site=1417799857244824&category=1560&cost=0.0012&external_id=cnv62b0ea235dff98e7997147a322395bae

20.113.188.243

320 B

URL
goto.trackpshgoto.win/15GTfe?camp=638762&site=1417799857244824&category=1560&cost=0.0012&external_id=cnv62b0ea235dff98e7997147a322395bae
IP
20.113.188.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (320), with no line terminators
Size
320 B (320 bytes)
Hash
806a9f774abee044281ce3b54aa1c63a
497a40845a418fea28e6ae834e1c912921a4ac07
0489bc1c481bd36976604fb135c1c6481bd145cec73975b28a0efb441b877b32

HTTP Headers

GET /15GTfe?camp=638762&site=1417799857244824&category=1560&cost=0.0012&external_id=cnv62b0ea235dff98e7997147a322395bae HTTP/1.1
Host: goto.trackpshgoto.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Thu, 25 May 2023 06:46:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 320
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GTfeo=20230525091684997227462; domain=.goto.trackpshgoto.win; path=/;expires=Fri, 26 May 2023 06:46:52 GMT;  httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GTfe; domain=.goto.trackpshgoto.win; path=/;expires=Fri, 26 May 2023 06:46:52 GMT;  httpOnly=true;SameSite=None; Secure;
peerclickcid=d6ae3c04546aa162c683ad3aa407b4da-42510-0525; domain=.goto.trackpshgoto.win; path=/;expires=Fri, 26 May 2023 06:46:52 GMT;  httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.goto.trackpshgoto.win; path=/;expires=Fri, 26 May 2023 06:46:52 GMT;  httpOnly=true;SameSite=None; Secure;
Location: https://alvsx.cloudpsh.top/?pl=ilQCmFnYrkuT1vv7YSUY4Q&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824
Vary: Accept

s.viiyblva.com/h/1524/m2nuuqm24v4vvugdulcho45o3czmfy7mwn3uuwsconaeamdvezctzc6d6xbhcbjc2bl3yso3kl5mwuhuk2n4u562gpzpf6gq6cm4zkzmtbfcnclw36l6f7slwjzod27h6bd5oqnz46tz25pcpjjnusdmbar6aslbvr2w2ssingmea4vdgrgkarswynzltdunop5hxgu46vxym34nyxxmo5n7jfff6sm2oc7ozdwfjw3uby3xriyxh4t4rp4pntkazzkfc6cxj5mxg4lbpjzueyagpbxx2y3xi5bfibsli5aggsp2njdy4vcj2fwy62k2ybjututwkismwwsm7p4iw53stcgfiycrkbrdmtamwzbsdcdqyvfz5jsa6jzj7mcfwbcydm3zr5rrcei4bzteekc6emgwe6d4auiqw43qgn7xwstea54w6jleofbumwyhcajr3udsjptejqhlwff7s5lz65fed74tjoldjt7qx5xzm43c2xruvat2x76mdiebzh7metedotrewibchqzes7azfi3taodnaudqguizaiftqfzfdiuuejzce5hemwandqyc27iqgjnt2zlsmr5umq2qcqarwdbvjv5vu523m5zhawkclj4hyytqobdxkvjmfqqtaladbrpqgr2ejb3bgji5gjiwazlzkfdf63bnfy6coaj5k4qqoljtpyjbwfaeiaieqnirpboxgcbwfvyfses2onywc6lwiqzak73ko5xhmeyua4uei6dsmncx6xd6lnrhq7czm7vkjdozu35ondx4jrymja5lvnydfnxzxx4vokgkyth2cwzl5l6yvp5qw6u3pplshm2w62kmz5hwwxakiydaeqt7l4xrqjyige6rmeiydu4ronjyeekqyvzjfuucghcairkqurcfjn7bgjido2cvoy2lkgwol5xlkbzgq62sf2n2qtdxr73x2t3ahpx4ezpxre6hyvkqjnescxoedh3rpptkf66emfispmpvoilb?u=

31.220.27.135

20 kB

URL
s.viiyblva.com/h/1524/m2nuuqm24v4vvugdulcho45o3czmfy7mwn3uuwsconaeamdvezctzc6d6xbhcbjc2bl3yso3kl5mwuhuk2n4u562gpzpf6gq6cm4zkzmtbfcnclw36l6f7slwjzod27h6bd5oqnz46tz25pcpjjnusdmbar6aslbvr2w2ssingmea4vdgrgkarswynzltdunop5hxgu46vxym34nyxxmo5n7jfff6sm2oc7ozdwfjw3uby3xriyxh4t4rp4pntkazzkfc6cxj5mxg4lbpjzueyagpbxx2y3xi5bfibsli5aggsp2njdy4vcj2fwy62k2ybjututwkismwwsm7p4iw53stcgfiycrkbrdmtamwzbsdcdqyvfz5jsa6jzj7mcfwbcydm3zr5rrcei4bzteekc6emgwe6d4auiqw43qgn7xwstea54w6jleofbumwyhcajr3udsjptejqhlwff7s5lz65fed74tjoldjt7qx5xzm43c2xruvat2x76mdiebzh7metedotrewibchqzes7azfi3taodnaudqguizaiftqfzfdiuuejzce5hemwandqyc27iqgjnt2zlsmr5umq2qcqarwdbvjv5vu523m5zhawkclj4hyytqobdxkvjmfqqtaladbrpqgr2ejb3bgji5gjiwazlzkfdf63bnfy6coaj5k4qqoljtpyjbwfaeiaieqnirpboxgcbwfvyfses2onywc6lwiqzak73ko5xhmeyua4uei6dsmncx6xd6lnrhq7czm7vkjdozu35ondx4jrymja5lvnydfnxzxx4vokgkyth2cwzl5l6yvp5qw6u3pplshm2w62kmz5hwwxakiydaeqt7l4xrqjyige6rmeiydu4ronjyeekqyvzjfuucghcairkqurcfjn7bgjido2cvoy2lkgwol5xlkbzgq62sf2n2qtdxr73x2t3ahpx4ezpxre6hyvkqjnescxoedh3rpptkf66emfispmpvoilb?u=
IP
31.220.27.135:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43877), with CRLF, LF line terminators
Size
20 kB (19455 bytes)
Hash
1bf99ab506ce995abb5afea254277890
94f9421c93796c4ad342a59aba8fb6f436c5f663
6e292063da399a06a6449a5508ae81a0e573bea7487f5bc019fd019926b56d78

HTTP Headers

GET /h/1524/m2nuuqm24v4vvugdulcho45o3czmfy7mwn3uuwsconaeamdvezctzc6d6xbhcbjc2bl3yso3kl5mwuhuk2n4u562gpzpf6gq6cm4zkzmtbfcnclw36l6f7slwjzod27h6bd5oqnz46tz25pcpjjnusdmbar6aslbvr2w2ssingmea4vdgrgkarswynzltdunop5hxgu46vxym34nyxxmo5n7jfff6sm2oc7ozdwfjw3uby3xriyxh4t4rp4pntkazzkfc6cxj5mxg4lbpjzueyagpbxx2y3xi5bfibsli5aggsp2njdy4vcj2fwy62k2ybjututwkismwwsm7p4iw53stcgfiycrkbrdmtamwzbsdcdqyvfz5jsa6jzj7mcfwbcydm3zr5rrcei4bzteekc6emgwe6d4auiqw43qgn7xwstea54w6jleofbumwyhcajr3udsjptejqhlwff7s5lz65fed74tjoldjt7qx5xzm43c2xruvat2x76mdiebzh7metedotrewibchqzes7azfi3taodnaudqguizaiftqfzfdiuuejzce5hemwandqyc27iqgjnt2zlsmr5umq2qcqarwdbvjv5vu523m5zhawkclj4hyytqobdxkvjmfqqtaladbrpqgr2ejb3bgji5gjiwazlzkfdf63bnfy6coaj5k4qqoljtpyjbwfaeiaieqnirpboxgcbwfvyfses2onywc6lwiqzak73ko5xhmeyua4uei6dsmncx6xd6lnrhq7czm7vkjdozu35ondx4jrymja5lvnydfnxzxx4vokgkyth2cwzl5l6yvp5qw6u3pplshm2w62kmz5hwwxakiydaeqt7l4xrqjyige6rmeiydu4ronjyeekqyvzjfuucghcairkqurcfjn7bgjido2cvoy2lkgwol5xlkbzgq62sf2n2qtdxr73x2t3ahpx4ezpxre6hyvkqjnescxoedh3rpptkf66emfispmpvoilb?u= HTTP/1.1
Host: s.viiyblva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qxm73.arpfam.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.23.2
date: Thu, 25 May 2023 06:46:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
accept-ch: Width, Viewport-Width, DPR, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
content-encoding: gzip
X-Firefox-Spdy: h2

alvsx.crystalcrafter.top/ph-new/assets/thumb-big.jpg

104.21.7.3

83 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Size
83 kB (82623 bytes)
Hash
cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

HTTP Headers

GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39pRKnE2R27q32XWVWnTt3WYgN0J8yLtlOXynAwQqXPZ0G2um9rL50J6ETCChz5htE%2FrGzSuJt1BxIZdd0FNsuS6LYdThiEG7CvP5H0lLYbMM98llcHGpCP6gKF%2BGol3dCfn%2BFCcX447BzU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e57831b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

js.streampsh.top/ps/pl.js?edg=true&fullscreen=true

104.21.27.231

1.2 kB

URL
js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
IP
104.21.27.231:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2763), with no line terminators
Size
1.2 kB (1167 bytes)
Hash
c8409dd7d34d07dcb58bcc964fb674da
09110579eed1a3a7cedf79aa258bd337a74bd644
daa69a5e86f32de4ab6cdac3ee241b8a3b7a30d60ecb335bfc20236fb675cbdb

HTTP Headers

GET /ps/pl.js?edg=true&fullscreen=true HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mduGTF2o3phUD%2FH6I6PytHaL%2FHxSK%2FuT5exE9ntU5UHtVu1c086UHsmX31YymNdar4IhI5ej0fFqWsybVvqRL9PjM1dsyjlmFoudoL57nNqvdlyOkKSQP81he7o1nnivmfjB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e5df7ffac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&appspot=

104.21.27.231

15 kB

URL
js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&appspot=
IP
104.21.27.231:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (23337), with no line terminators
Size
15 kB (15330 bytes)
Hash
c2c2d52da93ad2b29133a3bfc69071f6
c5463a455b2c160c33171e045ae247fadfedb37b
1de1b7faa70a00e2fa5c223757eed836f359670b7ea7df1f9c30c31d9c822a13

HTTP Headers

GET /ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&appspot= HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: __psu=a91fb68c-f06c-4b57-a9a6-54bf85c9e438; expires=Sun, 25 May 2025 06:46:53 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srRc%2F%2FqPS3Msbl%2Bhj57Sb4o8fJvdGBgfVVAMU8eLtSMBqgwGo7SRMvx5Q1sRRaEnHhTW6f3Ull8AKZmz%2F7xfAJH1AwjwhrJSNLkBDz35cQ5wz7mxGDzkjlLIXPV5W09a2chp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e6bd59b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-1.jpg

104.21.7.3

14 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-1.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (14404 bytes)
Hash
b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

HTTP Headers

GET /ph-new/assets/rec-1.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp8Cdj38dCvDffRQGaC935g7uiitFWgPykyMOfhFHbnc8QpsuPqMAso2N3TbgYxO3ErgEWg7WZVELyUQAkpY%2BvBO6e10uV59wgEiwPqMGl0wGoDbK0AVOVOqiKLR5WXK78jLJTC2cOe%2BMwg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e96db0b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-2.jpg

104.21.7.3

11 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
11 kB (10890 bytes)
Hash
dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7

HTTP Headers

GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wh1T5JXsqv2LWEf8spPOeryxEad%2F3EEoy5Vf3r9pn%2B5KrVsmmAkNscJ23fuZgnNSODawJbhdjTxVeP3vXVd0jLeldf1brkBEmt%2FahIwWd%2FTdozbfI7dsSpFwChs0xBW2DSi1S7MUsMqMduA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e96dbab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-6.jpg

104.21.7.3

16 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
16 kB (15988 bytes)
Hash
4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773

HTTP Headers

GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uxD019P3N3CtMOnm8mXLEUGJS1jVQECyD99YigSGT9srWufI%2BGk6HW%2FdoBMoL7e59h2K%2BDYuXAsrYOo0NGdg6iSAXXvZKJubH1OoNsU0u%2F0w0NTnt8Ott5eLozzADRF4Ee8wPQbQuuwl7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e96dccb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-4.jpg

104.21.7.3

8.9 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
8.9 kB (8900 bytes)
Hash
8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483

HTTP Headers

GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MZzbNfNKmKGYTihRYtSkPMneMIgctG5lVnw3WpvO8DeYM3Nd4B6f%2BIqTOffnEDHXVM5joOxKtoxM1L5orVswkWVDIZ7WjXfkSBMo7vt0hmv3qDy4lQH6Alx3p%2BlZjuLqgIGOgpoZhO8qDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e96dcab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alvsx.crystalcrafter.top/ph-new/assets/rec-7.jpg

104.21.7.3

14 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (13963 bytes)
Hash
f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc

HTTP Headers

GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Btn35DWZNBkCEUDU2%2FYEC3m5Kr5L5Td9XmWa77rzmdC5Fw7QoqhJN5mLlaTyvdiGlBBVscPAc8ZQ0j5R1DSLhvs7hQUnmvpimDU%2Fhe1kSYpa%2BihtrkBKWQqvjOaE6kE7r3RJxt2Y%2BpAULgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e97dd1b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-5.jpg

104.21.7.3

13 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
13 kB (13149 bytes)
Hash
f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02

HTTP Headers

GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rV2g5SVVbjmNC8MphGtTBb1qmBAYR3EmJNm8uKvkbU2FMahXpP8z9NBcYC3Ob8XitMOGS35DhoE7SgGE1RZFKB6n9DzBjBrsCcAx7GQBu3KU4U4V8fdOFn9D5wzL05f9C7L5JCBm38sJLnc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e96dc7b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/2.jpg

104.21.7.3

21 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/2.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
21 kB (21253 bytes)
Hash
c3f3eb5d00c73ac19828309a4cde4e96
be66f4e10a00d90a0f8fdc0a5a4dbd19c143d97d
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763

HTTP Headers

GET /ph-new/assets/2.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 21253
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-5305"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e9VmevpmswyHTe4P6b84%2FZio42OAVRgJDR1wUPAJCUHZkU3OH4nfM7v8ckFVX3FT3t%2BZwfEWYD%2FBcWlYtw0c%2BhI0FAz%2BbmHqy%2BnTm%2BOa0ID4eW4uhqQOWJJj0RTuC%2BWngetQUFKRpkVw%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e97de5b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-3.jpg

104.21.7.3

15 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
15 kB (15217 bytes)
Hash
4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996

HTTP Headers

GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FY5mhIa3jzOsClyebUKGuOA5BO9l8sOLYFkIzqMg19ahj4ZMmfE1z2dM64efrJY5h85GIdLKc7UOqbUYqPGSCrcp4zyW0%2Fol3jEZdTfs%2FMNGPtSRs4c9yhL2KoRVGkPRLfEapIdqlR%2BvJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e96dc3b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-8.jpg

104.21.7.3

13 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
13 kB (12992 bytes)
Hash
eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940

HTTP Headers

GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYzghCl5BslfCAEzlbByI9RFWzpZU4%2Fc7bqGvVdlCTwobirPqEg3MbYUSYiiqs3kkHojAa%2B3bj2N3WGFEgAVqCO5inOlYk83qCMsS0yk6%2B2che9bNuRRWacLfJyQT88SeY3CfApOv0oc0lc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e97ddbb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/1.jpg

104.21.7.3

14 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/1.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (14404 bytes)
Hash
b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

HTTP Headers

GET /ph-new/assets/1.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Va670fxxt5C7RZRNrWuT8vun5gbMHF98GQqb2Iu2erhS8NfTKMlBTkvVR%2Fm56JIdzZ8xxmTNPQNUvcqZquofy0KBuHV2E%2F0TxRFZSIhRJ8Bu4NVtSlpG4KOMJzQbN0Ge7qcJfdE07uBERJ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e97dd8b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/5.jpg

104.21.7.3

12 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/5.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
12 kB (11713 bytes)
Hash
113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1

HTTP Headers

GET /ph-new/assets/5.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExAz43ItO6%2B2ivup79OeckV3Ge%2Fh909nYH0vWMHiUq0DfhEbGx8fSwjXRO8weuQMvXtkWxD9BER3ZNRN3kNPYs5MpGMFNiFj01WU8yFxRMHMAPelmfVXDSRd%2BRYOVPsdAog%2FeFC4DZvnTw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e98dfab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/4.jpg

104.21.7.3

14 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/4.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (13611 bytes)
Hash
a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd

HTTP Headers

GET /ph-new/assets/4.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOGNSzFifUsLc%2BpPlaTf7ijrfsU5iDysqzSkdNOGb4Jo4CxcTdu8wjIlfM5JPyzi1xx2qajCBSGCJqmCRuWiXXITSOivYeSn5Mc4iYYjb3zToHwVXe71MluWjCXaI63HMIMEfmIhC1UY2Ow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e98dfbb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/3.jpg

104.21.7.3

11 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/3.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
11 kB (11094 bytes)
Hash
3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a

HTTP Headers

GET /ph-new/assets/3.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhDMkpPPU0hVTeAB7o2FNsQRPqpDPR9rKnEgox2MAqpqCAdN0wkxUuuMvy5qahUFtxMPs6gF%2BgOJHz8jP3xlDLRLrZT1tWYOmU%2B3Zrgilp3lFuwwh6zswVAPoXpUEo%2FpV3NApS4KG3c9HQU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2e97decb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512

104.21.7.3

27 kB

URL
alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Size
27 kB (26635 bytes)
Hash
c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512 HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 May 2023 06:46:52 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ca%2F1xB83QuGK4FY31FWlsERJLoOcU6RrBDJVwthCZPgfVRDbDlZLjs0H69t2ZZNQpJSX8z4RpXQfoP%2BWHb43vHe630LoFBbVGYEkbLTbX0UafOBo2ghSXqyVuwEgmQ79YFdfe46Zbp08nW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ccbd2e45d07b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

a.crystalcrafter.top/ph-new/assets/thumb-big.jpg

104.21.7.3

83 kB

URL
a.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Size
83 kB (82623 bytes)
Hash
cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

HTTP Headers

GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:54 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABk0vEg%2FemQY4zPnGKTwXOC1wAbv3yNTDi7Jh3M5PSD4Yt37mMpSXHtLZ9ix%2FnfQ1tnJWjRxv%2BJWo0PrJObMkSyeCRBuMsuvh6jICmjEJYiZ6yAP1SJgkchikHyGvslUXJuKxKdoFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2ebe9fcb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

a.crystalcrafter.top/favicon.ico

104.21.7.3

0 B

URL
a.crystalcrafter.top/favicon.ico
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 25 May 2023 06:46:54 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1694
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl1GVx6Y5rne1OVgkdBANrtvZdSJ0I6TFYJuPCABlYIAkQ6tmVyz5iPD1%2BEpOVvGV5OPaqHm5FC%2B%2BtSF%2BEdIsK3l1NlnhoDIhY%2BMkzPzOgeNtvlVXVWuurZ0b1W%2FBVsyTwo8U4u0uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2ed3c17b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&appspot=

104.21.27.231

16 kB

URL
js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&appspot=
IP
104.21.27.231:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (23337), with no line terminators
Size
16 kB (15563 bytes)
Hash
c2c2d52da93ad2b29133a3bfc69071f6
c5463a455b2c160c33171e045ae247fadfedb37b
1de1b7faa70a00e2fa5c223757eed836f359670b7ea7df1f9c30c31d9c822a13

HTTP Headers

GET /ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&appspot= HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Cookie: __psu=a91fb68c-f06c-4b57-a9a6-54bf85c9e438
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:54 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB1gs0HALoNnTv%2Bmdx5rD988pKgccWSa9ruDT2jriZ2EcFy3xeAojW4OT9elNOtsowKU7tZpmd5s%2Be%2FTYgzuhuPN8cdck3RW7vrkFAZw9%2B7sfkOO235AixquFlZAT5YPbJRb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2ec9d5bb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:53:40 GMT
expires: Wed, 22 May 2024 18:53:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 129194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512

104.21.7.3

98 kB

URL
a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Size
98 kB (98350 bytes)
Hash
c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512 HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:54 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCByHapTGFPEozgtga7zfnZIo2rSGgBczlumVOQAQSjks%2Bge8osb1xf85yqbFmjDZ4ijvRo4K4MzbYP7P6IisgdxKjxzjgIqzaZx%2FLG2nvUnwU69XwJZFpoajk%2BA7qShaAz08vOXJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ccbd2ebea00b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

a.crystalcrafter.top/ph-new/assets/trls.js

104.21.7.3

2.9 kB

URL
a.crystalcrafter.top/ph-new/assets/trls.js
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
2.9 kB (2913 bytes)
Hash
2d452480e0a1246e5ed7e13278b99eee
dc1115b9c20884a07335bdf5abea5c399f5293d6
19b0897b045b6f67abdae0b9f6ca5987202456aa0d7bfc3b17128e94d2cf761d

HTTP Headers

GET /ph-new/assets/trls.js HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:54 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1e3f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkv3YqekN1fXjFXCd%2BTO2QCNy0qf3TMZeXyES0cuMoX2BdQCgJ7GpI9oAFllpZuK67ns9HFZNFCBvBNGPvrbuz%2FtFFuKKLGBED4VUu3WmH5JSQw3%2BCiJcfctr37kwsex4sA9f2Eefw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2ebe9f8b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 06:18:59 GMT
expires: Fri, 24 May 2024 06:18:59 GMT
cache-control: public, max-age=31536000
age: 1675
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:53:40 GMT
expires: Wed, 22 May 2024 18:53:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 129194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c.crystalcrafter.top/ph-new/assets/thumb-big.jpg

104.21.7.3

83 kB

URL
c.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Size
83 kB (82623 bytes)
Hash
cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

HTTP Headers

GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:55 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVORYk8aM1FLq4b71Zy2AS228Aie7du0kR7WsVG0rlAffRZvZCmbd6REWDV1VPUaR6cJ0zESNBE7xWDH27CCDYZoVhxMt46KmtPSHdCfSLCeLrGIZcQVLOuvcoHnFbUVLaToBDtxCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f22ad8b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512

104.21.7.3

30 kB

URL
alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Size
30 kB (29573 bytes)
Hash
c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512 HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:53 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8jjdZ2rErN3%2B88JWg3d41j%2BOiFkPvU%2FsRKi3iL8lL%2B15nTG0BPwoBwnkln0zPJUCD9XgfH6w5Xc8nXBqQHB52F7pZKeZkDkOL1kJTUpEMc92o2a7CTuCbmouaQSi4JrV0r%2FpKugHp64SAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ccbd2e57832b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

arpfam.com/video-16?h=waWQiOjEwMDk5OTIsInNpZCI6MTE3ODY3Mywid2lkIjo0MTA3NzYsInNyYyI6Mn0=eyJ&clickid=1sisi1aflqnr&si1=%7BHSITE2%7D

185.56.234.205

125 kB

URL
arpfam.com/video-16?h=waWQiOjEwMDk5OTIsInNpZCI6MTE3ODY3Mywid2lkIjo0MTA3NzYsInNyYyI6Mn0=eyJ&clickid=1sisi1aflqnr&si1=%7BHSITE2%7D
IP
185.56.234.205:0
ASN
#39572 DataWeb Global Group B.V.

File type
gzip compressed data, from Unix\012- data
Size
125 kB (125011 bytes)
Hash
c9cab37da6b4a0645f1828b3582c864d
5c9281efbf4b64cecf8b81169dd87288698afa50
b9660f54c127dd9a2b8da26dc33f10b848cb26507fa1230fd701a030b7619f44

HTTP Headers

GET /video-16?h=waWQiOjEwMDk5OTIsInNpZCI6MTE3ODY3Mywid2lkIjo0MTA3NzYsInNyYyI6Mn0=eyJ&clickid=1sisi1aflqnr&si1=%7BHSITE2%7D HTTP/1.1
Host: arpfam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.21.1
date: Thu, 25 May 2023 06:46:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: truniq=1; expires=Fri, 26-May-2023 06:46:51 GMT; Max-Age=86400; path=/; domain=arpfam.com
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:53:40 GMT
expires: Wed, 22 May 2024 18:53:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 129195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512

104.21.7.3

95 kB

URL
c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
95 kB (94824 bytes)
Hash
a80f8990cc8bd0e7a2e826a3c4126c4c
c933e0d32eb278a0c32033252f5f1f4f5e7070de
0959c78d92fb5c91279e2e76fcf7086be938d8a4101e62f36126900e5f2c94ee

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512 HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:55 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e48fBf0kNLTlIBR2oEnDSxRrliBPxmeRA1MgqQkFMgtkNOts4M0Bc9m3TcudK%2F7KOu0Z1c29miNiVMJkXtYKRbjMTZCGQAmvpsO0kyoCumhRHlvOp7NSfOQq3YbRD9gwXB4EPM8rkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ccbd2f23addb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

b.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512

104.21.7.3

16 kB

URL
b.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Size
16 kB (15727 bytes)
Hash
c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512 HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:54 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiuf9mdC50J7dHxDVp3Ydlgn4ZHAsxoFbl5tIbJvuGxcKB1KOpnkJ%2F3jVhKdUzs4dZKuZypXFDgfWHwa2CXVB68H5VqX%2B5Hv1ArdfpC5DPIDj694RbdmJZA%2BjgpZ8tZDDEKU8iMsJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ccbd2ee5d9bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512

104.21.7.3

32 kB

URL
d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Size
32 kB (32494 bytes)
Hash
c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:55 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3k3pBCCUnvtg4SRPphwxiueOovdxxFQCteNxGwDfShcmqaWLCtcGCBWxqImJLH6bQ2tUwCAQRka2HHiHDjPNAROvWISWLTNYlBN%2F%2F9N8TvqvZ3%2BN8MC7eivoX%2BWF2zazffp7rUsXng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ccbd2f48d85b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:53:40 GMT
expires: Wed, 22 May 2024 18:53:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 129195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d.crystalcrafter.top/ph-new/assets/trls.js

104.21.7.3

17 kB

URL
d.crystalcrafter.top/ph-new/assets/trls.js
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
17 kB (17317 bytes)
Hash
2d452480e0a1246e5ed7e13278b99eee
dc1115b9c20884a07335bdf5abea5c399f5293d6
19b0897b045b6f67abdae0b9f6ca5987202456aa0d7bfc3b17128e94d2cf761d

HTTP Headers

GET /ph-new/assets/trls.js HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:55 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1e3f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzsSJsrqNQ7J0ObGJTdNNCv98FOJHhEfCNAm0EXR3QAJ0UqWwI2trTCFpkc83dcE2bPEWL7Mx9pvQM0EuvVnsekXrOqKvXKuANFxIMbIN1dUNgogw%2FePwcWI08DooHhZMH9rf11JIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f53e60b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512

104.21.7.3

31 kB

URL
d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Size
31 kB (30944 bytes)
Hash
c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:55 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yEePBZAR1I2%2BYgdHhFIxk0s3onBRIJd2s2aDdq9WQ26iTTsSYZl%2BzdJ1WyuAshz%2BDpa5aA%2B1mBxD6BnEDnRE9oL0GEdxjTVFhGqTFAdKVNSiqT6%2FREMzjDSw7cS%2FbPhT%2BoVuqZQcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ccbd2f54e65b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-4.jpg

104.21.7.3

8.9 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
8.9 kB (8900 bytes)
Hash
8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483

HTTP Headers

GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4mUoxeSn%2BVEn32ER8MIMWpywKlIJlxgJwP3sknn8NkD%2F4Sqbqvrl8SO%2FWvPtNUfyq%2FXjPlae2s8RMWxW4aHYhg3yWiuyZsbL4Xki6t%2B6URdABvPQucJ0gVb%2BKgnSKv8gGLnlBxsxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f8db36b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-2.jpg

104.21.7.3

11 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
11 kB (10890 bytes)
Hash
dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7

HTTP Headers

GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrzzjmSbo%2F1UyLoQIffMIH4WcduSVjqjX917gXkHHyXFTj%2B5D3oUuIyqRt7zzE6Sx5jYRsBmOKJEnjupikI3U9cYKHVWaQlHRSUOR9fhZ6%2BdtkUmtDQh1QiMZ3xH5TyEmh4YLVmAeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f8db33b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-6.jpg

104.21.7.3

16 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
16 kB (15988 bytes)
Hash
4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773

HTTP Headers

GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cv60r2Wf6jA1I4MZBEslOtuSSpajgrdxEBZEvr2PwH%2BxN9%2F46LMd2QIINSCe6o81OdDkdPozym4E1o9rzzHaU6LNJA53obpi81xBegZD2ldO2mFKU%2FRTCOglQpXn2%2BkyTpn%2B42Ai8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f8db43b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-5.jpg

104.21.7.3

13 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
13 kB (13149 bytes)
Hash
f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02

HTTP Headers

GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8YZZneeetFoahEmqZprayBK6RJujnWfH1hQ2QM5DbdETHOnX9yFu1%2FpYCIeXwsMEyxWM023BkbD3xF88J4uAGWJS0E20GsSo3%2BdHI7NfwO4fJCtuP7J8Gylwu%2BD60Vra2xmBpdq9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f8db3fb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-7.jpg

104.21.7.3

14 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (13963 bytes)
Hash
f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc

HTTP Headers

GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLgz4gaooGjDj8Rm7FHGdZoq%2F6e2rTJfaaeZjpe8ZK9kTjYLX3ClQfyo2r5sJdf7SPveQk%2BcXibqzB2ivH3LWZS%2BVnKMarH80roXzDZPwTviop98bfcY0oaZTZh2kiFtTFMv65FgGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f8eb4bb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/5.jpg

104.21.7.3

12 kB

URL
d.crystalcrafter.top/ph-new/assets/5.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
12 kB (11713 bytes)
Hash
113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1

HTTP Headers

GET /ph-new/assets/5.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHZyhwnZ%2BYtJo3YGRzw%2BTPbJuMD6RChCrf7IlRZQ%2FzjWe0jiHDRyyyaafMttq9XTxu6%2BXLHwE9QO%2B7rIt7tmXpiWOBRckoXVVKjOIQu3fRX8GNiRIf3isn3AD3umkgLw0CKtRgVeFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f90b77b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/3.jpg

104.21.7.3

11 kB

URL
d.crystalcrafter.top/ph-new/assets/3.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
11 kB (11094 bytes)
Hash
3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a

HTTP Headers

GET /ph-new/assets/3.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWw0fa%2BZa2NFKh4%2B3Hn%2BPQdRbj7ZmPGG%2BNhBFZ33bLPD2m%2FeKz1kBS4M5O2vDRI8XYpXGKIx2XXrAuBSO1RICmbMwvT%2BGwWRjJ%2BcvnAZlu%2F%2B4FoNV%2BFtUa9vkIT6KTzUxS86TvbVRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f90b75b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/2.jpg

104.21.7.3

21 kB

URL
d.crystalcrafter.top/ph-new/assets/2.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
21 kB (21253 bytes)
Hash
c3f3eb5d00c73ac19828309a4cde4e96
be66f4e10a00d90a0f8fdc0a5a4dbd19c143d97d
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763

HTTP Headers

GET /ph-new/assets/2.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 21253
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-5305"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78uNTjr5TOKHS6eksGNv52UVCHpOXy2bfHlXQMef3dHah6JO18FWVfYsOGm5A%2BqwuYlLZLcKt2NkTSjqvMxAXOU0kd1XUlPv9GHKdy4FUMpGKvxPoJozat23naSQPsWZaO4nOxfuRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f90b6fb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-8.jpg

104.21.7.3

13 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
13 kB (12992 bytes)
Hash
eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940

HTTP Headers

GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t0g54pKuuv%2FM0J6ovK%2FwW0DDTHVvqM0iZi0P%2BcDLahCc0FF0sed28CbVa34wvRZ1dZZjYqT1Ak3H1w7O2PfFUffd8aStfkgkViX%2FjF23qTP687tWV496CryJ4qJSx%2Bmg3H9l26f9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f90b74b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/4.jpg

104.21.7.3

14 kB

URL
d.crystalcrafter.top/ph-new/assets/4.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (13611 bytes)
Hash
a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd

HTTP Headers

GET /ph-new/assets/4.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIMffEN2wOP9iDPO5ZThyKXUhJKvh2YO3QQ8b63QoNi58y1dOsOvIJFkGx%2BfGZoWhlIXeOACFNUXi5eKSMOoW3tXhyIhOdzCXj%2BAVy3pkltWmSZyqUpMMG0HbvnX0Tckg55lYemkGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f90b78b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/1.jpg

104.21.7.3

14 kB

URL
d.crystalcrafter.top/ph-new/assets/1.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (14404 bytes)
Hash
b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

HTTP Headers

GET /ph-new/assets/1.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=d6ae3c04546aa162c683ad3aa407b4da-42510-0525&sub_id=1417799857244824&hash=ekefmpbetzz9ZxFQr4lc1g&exp=1684997512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 May 2023 06:46:56 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYQ00h%2BZbXVS4F4epdpdiX9qFn9aKlHQPUlL7eqz78afDBl1k%2BeqjssvS0MP62FZy%2B0nhjCQdY1avmKBYJDyHqLvpki4zGjv8B5tn8KJjukyCBafq2Ff75cfo1WzmTIZYDR5fxcaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccbd2f90b72b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f

173.233.139.164

200 OK

115 B

URL User Request GET HTTP/1.1
www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
Fingerprint4A:B9:EF:7A:95:F5:EB:F1:0F:44:6B:99:79:4A:95:32:BE:12:C7:AB
ValiditySat, 22 Apr 2023 06:23:55 GMT - Fri, 21 Jul 2023 06:23:54 GMT

File type
ASCII text, with no line terminators
Size
115 B (115 bytes)
Hash
16579cc322e9e105427ecfa57890ef69
8bb47ec30cf894ab49032d7271a45f0c778baa05
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590

HTTP Headers

GET /n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 May 2023 06:46:56 GMT
Content-Type: text/html
Content-Length: 115
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17984642; expires=Fri, 26 May 2023 06:46:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9b6150cc691fa4657416eb5780c6af2
Strict-Transport-Security: max-age=0; includeSubdomains

www.highcpmrevenuenetwork.com/favicon.ico

173.233.139.164

200 OK

0 B

URL GET HTTP/1.1
www.highcpmrevenuenetwork.com/favicon.ico
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
Certificate
IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
Fingerprint4A:B9:EF:7A:95:F5:EB:F1:0F:44:6B:99:79:4A:95:32:BE:12:C7:AB
ValiditySat, 22 Apr 2023 06:23:55 GMT - Fri, 21 Jul 2023 06:23:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
Cookie: u_pl=17984642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 May 2023 06:46:56 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78f81edb97528ec7b9abe9cb371d0fe6
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (56)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN