pubgwinter.com/
173.249.45.65301 Moved Permanently 231 B IP 173.249.45.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0895676447d5c37aa026c494e38bda52
ca9a811423a99de82cec987d5a022530ed928b34
eccb9d521f47ecb3e36bcb7cd82847232848d0d3345320621382ecb274906850
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pubgwinter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 19:45:11 GMT
Server: Apache
Location: https://pubgwinter.com/
Content-Length: 231
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
18.165.201.83200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 19:05:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: eVmcWy83oqILmh-miCgMg7jewpY6sDELoNfoNLPZvVwFG-f1bnJHww==
Age: 2397
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16697
Expires: Sat, 24 Sep 2022 00:23:28 GMT
Date: Fri, 23 Sep 2022 19:45:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4309
Expires: Fri, 23 Sep 2022 20:57:00 GMT
Date: Fri, 23 Sep 2022 19:45:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ya2OW8aS3X/333wnWL2MpmlfcKjGlRnsVrPa6bwL3dBX9I4BqEvm4SeNpEtmGx8tKSXgrM/JU2A=
x-amz-request-id: N62JJ1X34VFNK9WV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 19:44:35 GMT
age: 36
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
pubgwinter.com/
173.249.45.65200 OK 983 B IP 173.249.45.65:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (371), with CRLF line terminators
Hash b328574030a70cdba013831a54e78683
a965e10ba57dc301cd395c60b1ab848638d3f2fa
8268fe5771deb89a8fd1c3e3081270800d0746889816bb16c88e0e82ef0a94d2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pubgwinter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 19:45:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pubgwinter.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200
173.249.45.65404 Not Found 315 B URL HTTP/1.1 pubgwinter.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200
IP 173.249.45.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200 HTTP/1.1
Host: pubgwinter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pubgwinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css
151.101.85.229200 OK 21 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (65324)
Hash f19c9e9b686533ff268ae6e13a2345d4
9f3eb00c18999ae1e3aee46c27157db75cd19b20
ed4f576f0efaef4889c69cc7d80c0d752196bd44ea774fa179667b90d9986965
GET /npm/bootstrap@4.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pubgwinter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.3
x-jsd-version-type: version
etag: W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 19:45:12 GMT
age: 1976460
x-served-by: cache-fra19161-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21038
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 2d9e0062f7421d8467c6e7a09892823e
6c1fac8ecc361a9c31d77045c0f4c1b80a2066a0
13d64a51a2b28770bfecb173172b23c01103d5ebff43487ea1c31cb75d4ee074
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "D824D9F952286154B57FA0BD982017B68E873C98"
Expires: Sat, 24 Sep 2022 06:00:00 GMT
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3318
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f5c7838cdc0b69-OSL
pubgwinter.com/favicon.ico
173.249.45.65404 Not Found 315 B URL HTTP/1.1 pubgwinter.com/favicon.ico
IP 173.249.45.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /favicon.ico HTTP/1.1
Host: pubgwinter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pubgwinter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
1.kyudiezdf1.cf/
173.249.45.65200 OK 20 kB IP 173.249.45.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash da03024491aed56c88ab638265c6a408
d70e717c46795e2ffc37d099cdd0105c8b7e7a91
9c9163ff728e0eeb81c992aaef374bb7e84db6767d889704278da8b8d0601d4f
GET / HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pubgwinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
1.kyudiezdf1.cf/css/style.css
173.249.45.65200 OK 14 kB URL HTTP/1.1 1.kyudiezdf1.cf/css/style.css
IP 173.249.45.65:0
File type assembler source, ASCII text
Hash 65ccd2e07ddac0376cb11501da611a99
facfaefa085d07ba8e68437ea5bf912ae3ac490e
d7cc4a3e3781209bb91d7cf2f3cc4a80d279ca42731cf9a022c33537bb110486
GET /css/style.css HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:07:24 GMT
Accept-Ranges: bytes
Content-Length: 13834
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 19:45:12 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6117955
expires: Wed, 13 Sep 2023 19:45:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koeUxUILmJ63zDRawnT00PXoee38ezlpWDOx32koUuuh%2FYG7chkhPKGqMy2XNHWu8Joxbg60JRXhDiOUmScmDahRzvgiXTKvXWVCNAI1EzEJaEsCdNf8tJ731MBg4t9ePEEBbEFW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f5c78439c20b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Last-Modified: Fri, 23 Sep 2022 18:08:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
1.kyudiezdf1.cf/css/login/facebook.css
173.249.45.65200 OK 3.1 kB URL HTTP/1.1 1.kyudiezdf1.cf/css/login/facebook.css
IP 173.249.45.65:0
Hash 7963984a8f422cb6cdabcb6597f3f252
8932b3a35c501044ccf88aab675703b972868182
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870
GET /css/login/facebook.css HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:20:44 GMT
Accept-Ranges: bytes
Content-Length: 3136
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
1.kyudiezdf1.cf/css/login/twitter.css
173.249.45.65200 OK 2.1 kB URL HTTP/1.1 1.kyudiezdf1.cf/css/login/twitter.css
IP 173.249.45.65:0
Hash aa7cc463409f187509e7e5fb570e1d0c
0321e26b58b7f779248e23a56c9153c908d42ed6
6eb360154fcda50619dcbdbc620141c511b0a2be9bbee053f3abe67e70fd5533
GET /css/login/twitter.css HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:20:46 GMT
Accept-Ranges: bytes
Content-Length: 2068
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
code.jquery.com/jquery-1.10.2.min.js
69.16.175.10200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32072)
Hash 68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 19:45:12 GMT
content-encoding: gzip
content-length: 32788
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663962312.dop205.sk1.t,1663962312.cds202.sk1.hn,1663962312.cds243.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Last-Modified: Fri, 23 Sep 2022 18:08:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32061)
Hash b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 09:02:32 GMT
expires: Fri, 22 Sep 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 124960
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 14:39:25 GMT
expires: Fri, 22 Sep 2023 14:39:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 104747
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.kyudiezdf1.cf/css/animate.css
173.249.45.65200 OK 78 kB URL HTTP/1.1 1.kyudiezdf1.cf/css/animate.css
IP 173.249.45.65:0
Hash 8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
GET /css/animate.css HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:07:22 GMT
Accept-Ranges: bytes
Content-Length: 77906
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.10:0
Hash 759b343127f50d0480f867392a68a9cd
e3d5cdc2f9daddb521f54675db8e0a54ec838a15
72947b77cbf69ec97b689001dca2748fe484016520d271b5da40c19005497da9
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 19:45:12 GMT
date: Fri, 23 Sep 2022 19:45:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.kyudiezdf1.cf/js/script.js
173.249.45.65200 OK 166 kB URL HTTP/1.1 1.kyudiezdf1.cf/js/script.js
IP 173.249.45.65:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 166 kB (165929 bytes)
Hash c72b1136544d8ae9a98c4705b4904df1
74f67e681062a60e6529c18679f1e2dd3092de60
8c30ae3a795ccab18e69c84d5792f9ea1228151907ead90256ecd980a547b9b1
GET /js/script.js HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:25:30 GMT
Accept-Ranges: bytes
Content-Length: 165929
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
1.kyudiezdf1.cf/img/login-Method1.png
173.249.45.65200 OK 29 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/login-Method1.png
IP 173.249.45.65:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /img/login-Method1.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:00 GMT
Accept-Ranges: bytes
Content-Length: 28789
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/rewards/4.png
173.249.45.65200 OK 222 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/4.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 222 kB (221935 bytes)
Hash ed6111803a6b47a10fa56b05fa7156f5
f4488b14580271057652d4d7d9e97f79b6c13642
62e4f67fd71f684dc185546d106ecc86bf82972064e932b3bf324aa03cd3bbd6
GET /img/rewards/4.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:26 GMT
Accept-Ranges: bytes
Content-Length: 221935
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/popup-navbar.png
173.249.45.65200 OK 46 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/popup-navbar.png
IP 173.249.45.65:0
File type PNG image data, 1200 x 123, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d07369fdcdb66cb11ad805ddaf34bb8
4d2eebf5ce3d05855fb1cd137da29c630b468d55
92a9d074e024f93bd185d431c27d782328b389d8c324be07095bb4eaa32af91f
GET /img/popup-navbar.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:06 GMT
Accept-Ranges: bytes
Content-Length: 46205
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/footer-img.png
173.249.45.65200 OK 14 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/footer-img.png
IP 173.249.45.65:0
File type PNG image data, 669 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash d8e7ade119fece88de74909f9625a4f4
fcd55a597136e98a1ef13fb4ec78b5fdfe5ddffb
49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4
GET /img/footer-img.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 14457
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/navbar-logo.png
173.249.45.65200 OK 177 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/navbar-logo.png
IP 173.249.45.65:0
File type PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 177 kB (177317 bytes)
Hash d2d4c42a8bef48daa7c8151a838870c9
7ad25c9e369e069f97093188699bd58a2b298888
a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587
GET /img/navbar-logo.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:02 GMT
Accept-Ranges: bytes
Content-Length: 177317
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/rewards/1.png
173.249.45.65200 OK 540 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/1.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 540 kB (540405 bytes)
Hash 42099eac9bab675b923f48d6314d63f1
ab2f66be6bba5ea5113c38b12e1bfbda9ee6e6ce
d87e9dba724fa04a35dc5e727c97e696e4b141a0f3c0aeb02b977680c30f3c66
GET /img/rewards/1.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:24 GMT
Accept-Ranges: bytes
Content-Length: 540405
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/event-theme-title.png
173.249.45.65200 OK 463 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/event-theme-title.png
IP 173.249.45.65:0
File type PNG image data, 3464 x 1052, 8-bit/color RGBA, non-interlaced\012- data
Size 463 kB (462978 bytes)
Hash ec8c42b8e24bee8c140e6306fae720f2
6669784bcd55fdf2c0dd6c7350e93c8e9a5631b7
a6543bfb6b2e97ca0fa7fcbedf24da6a06a37b5d893ad6335c708c2581a18439
GET /img/event-theme-title.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Length: 462978
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/rewards/2.png
173.249.45.65200 OK 567 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/2.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 567 kB (566643 bytes)
Hash 1a4571cf2f7554d3962c6fe1ed6aa8f5
7912e58f404fcb3b9745f9ec2d460e289c7c8a04
a1c4cf92120811e900ab96edbcca4f534af11eb4897ea29318455be00bd6c884
GET /img/rewards/2.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:26 GMT
Accept-Ranges: bytes
Content-Length: 566643
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/rewards/5.png
173.249.45.65200 OK 243 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/5.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 243 kB (242568 bytes)
Hash a50c137697907a2efc19dbd3cfda1454
4c36584ba51c55fcafe52afe1e8280373a1e00fc
b38a2d56c5597f326ac7e02098a9585651a2f49dc6a8f14508531ef201e7b88c
GET /img/rewards/5.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:28 GMT
Accept-Ranges: bytes
Content-Length: 242568
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/background.jpg
173.249.45.65200 OK 811 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/background.jpg
IP 173.249.45.65:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=1440, orientation=[*0*], width=2560], baseline, precision 8, 2532x1440, components 3\012- data
Size 811 kB (810935 bytes)
Hash e86588388ca7270baa837ac0585ce3a0
c6b81498926b85f6230cbbe6f806533c19022ccc
ec3f27f805adcd045fb9e95a6e1cc25f6397933ff8a7c5f042453b0f35f84078
GET /img/background.jpg HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:46 GMT
Accept-Ranges: bytes
Content-Length: 810935
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
1.kyudiezdf1.cf/img/event-theme-subtitle.png
173.249.45.65404 Not Found 315 B URL HTTP/1.1 1.kyudiezdf1.cf/img/event-theme-subtitle.png
IP 173.249.45.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /img/event-theme-subtitle.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
1.kyudiezdf1.cf/img/btn-off.png
173.249.45.65200 OK 10 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/btn-off.png
IP 173.249.45.65:0
File type PNG image data, 252 x 82, 8-bit colormap, non-interlaced\012- data
Hash 2e09d03f4f375948d94c3d1b0f09e545
1ced072f209a0b4d732372ee6886b686af24a6c9
d1c394718be9565c7959ff182c4eda2e1cb5473adda6daf71356bbfc4d669f13
GET /img/btn-off.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:50 GMT
Accept-Ranges: bytes
Content-Length: 10127
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/btn-item.png
173.249.45.65200 OK 9.7 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/btn-item.png
IP 173.249.45.65:0
File type PNG image data, 203 x 72, 8-bit colormap, non-interlaced\012- data
Hash 76d0b6823004c888e72a711d65533667
54a8ef539dd23ba58251a0be9284390f76124436
b5534877294c67fc528ac2ebfdbdc291d47e3a6529fad8c8b14aaa03acf35d4c
GET /img/btn-item.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:48 GMT
Accept-Ranges: bytes
Content-Length: 9723
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.kyudiezdf1.cf/img/rewards/6.png
173.249.45.65200 OK 353 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/6.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 353 kB (352875 bytes)
Hash bc4e5f8b051ab1c2c40a49bbc1a46ae9
4d3d6a8671bb225c6d58c1baa7eb74a875d0b566
6608ed65607f94ca52aa9416f5db5f0539301701576401ce8002241d7098d029
GET /img/rewards/6.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:28 GMT
Accept-Ranges: bytes
Content-Length: 352875
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 19:33:00 GMT
Expires: Fri, 23 Sep 2022 20:31:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4c52c2a46d6ce20208b2160aa3b35a5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: qk_H6EJ_uijRrgPa4bARh4keqipjs0RfxOfA6Iq4q15oVqZnpXj_ZQ==
Age: 732
1.kyudiezdf1.cf/img/rewards/9.png
173.249.45.65200 OK 474 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/9.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 474 kB (474524 bytes)
Hash 5910e7d35da0e8c82702176d8e6a3659
80279182a8c296f164ac905547254edc386b2c80
d0678c7cd837e539b72a1170214e5ee0214db87d473eef8a3fd8a75a025c7b50
GET /img/rewards/9.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:30 GMT
Accept-Ranges: bytes
Content-Length: 474524
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/rewards/3.png
173.249.45.65200 OK 772 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/3.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 772 kB (772188 bytes)
Hash bb37c8b8960c3ae424e8d9e44ba1c5c7
d40ea76a35db8be98dbd624320ead230132dfcbf
64f6c675d88b716aa5ee02773feb9e8f6a41b6b801170637a30e3ab1952141eb
GET /img/rewards/3.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:26 GMT
Accept-Ranges: bytes
Content-Length: 772188
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/containerHome.jpg
173.249.45.65200 OK 1.2 MB URL HTTP/1.1 1.kyudiezdf1.cf/img/containerHome.jpg
IP 173.249.45.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1621, components 3\012- data
Size 1.2 MB (1191391 bytes)
Hash d512f0d5b93704715277f11418480cea
cef99ac5a79c199c3ebc1a84bddff976bb659ec2
ee34c4c18af3345fb947be7630c2d8f631939aa856ffa6d0d4096e206605e0db
GET /img/containerHome.jpg HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:50 GMT
Accept-Ranges: bytes
Content-Length: 1191391
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
1.kyudiezdf1.cf/img/rewards/10.png
173.249.45.65200 OK 338 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/10.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 338 kB (338490 bytes)
Hash 5ee7ddc853dd3919378e227c07f3983e
6bf03a319005e463aa9c90c51dcb3c02700ce902
140cb21830adfe83799ca54faf98387a3ac9d94c3e23d4fa5bc7a42c4acfc744
GET /img/rewards/10.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:32 GMT
Accept-Ranges: bytes
Content-Length: 338490
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Hash 5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1.kyudiezdf1.cf
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:04:04 GMT
expires: Tue, 19 Sep 2023 20:04:04 GMT
cache-control: public, max-age=31536000
age: 344468
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.kyudiezdf1.cf/img/rewards/8.png
173.249.45.65200 OK 328 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/8.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 328 kB (328280 bytes)
Hash bd1b37a538a2eaca665fae48dce75bcf
1182488a50e9795a044186b0b4dd18d3a5d5c3c0
1fa8c37c3fddd36eb89f94d13376598e4eb3b02b12e8bc06ad3e5595a225f1e2
GET /img/rewards/8.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:30 GMT
Accept-Ranges: bytes
Content-Length: 328280
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/rewards/11.png
173.249.45.65200 OK 606 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/11.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 606 kB (606529 bytes)
Hash 0dd93b7d94e59ec35f50633b586e0bf7
28db736791459cd43d12f95cde0c371d8096ad17
96e43b5a1d1f042f1e6d45e10c9a4604da7a413e91aa62e31c8419af23f34c0e
GET /img/rewards/11.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:32 GMT
Accept-Ranges: bytes
Content-Length: 606529
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1.kyudiezdf1.cf
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:23:43 GMT
expires: Thu, 21 Sep 2023 20:23:43 GMT
cache-control: public, max-age=31536000
age: 170489
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.kyudiezdf1.cf/img/footer-bg.jpg
173.249.45.65200 OK 12 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/footer-bg.jpg
IP 173.249.45.65:0
File type JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Hash 27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
GET /img/footer-bg.jpg HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:52 GMT
Accept-Ranges: bytes
Content-Length: 11651
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
1.kyudiezdf1.cf/img/footer-socmed-1.png
173.249.45.65200 OK 646 B URL HTTP/1.1 1.kyudiezdf1.cf/img/footer-socmed-1.png
IP 173.249.45.65:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash d9b949876ffd15f8f62a6af5c3ce4225
fd7febfcad61f1cca9d60d284117e38ded1b32ed
5d48175e94e95b4e801686879daffd5c52bec5fd6d027d2d58b917a68717d670
GET /img/footer-socmed-1.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 646
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2724
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:13 GMT
Last-Modified: Fri, 23 Sep 2022 18:59:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
1.kyudiezdf1.cf/img/footer-socmed-2.png
173.249.45.65200 OK 1.1 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/footer-socmed-2.png
IP 173.249.45.65:0
File type PNG image data, 51 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash ec2c26f319ff87f93b5db555f2f4f9d3
ae06369bb7369d3935e6bc823f88ccb817d4a4de
3e85dd60d3f26a55e620b5304c2a0053e47925d862c76ef67295a413708be7e9
GET /img/footer-socmed-2.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:54 GMT
Accept-Ranges: bytes
Content-Length: 1051
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/footer-socmed-3.png
173.249.45.65200 OK 831 B URL HTTP/1.1 1.kyudiezdf1.cf/img/footer-socmed-3.png
IP 173.249.45.65:0
File type PNG image data, 52 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash f16f23a9441fe2bd148daceaa5ade434
0a1299df393af49a7b6204644fc1d09c1a032149
20aac3d9f780c22dc015a948d5991fec159b81dbc7df99002dc49b78db33c2f5
GET /img/footer-socmed-3.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:56 GMT
Accept-Ranges: bytes
Content-Length: 831
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/footer-socmed-4.png
173.249.45.65200 OK 1.2 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/footer-socmed-4.png
IP 173.249.45.65:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash a2e2c015e404a74a9a9873580de4bf86
f9c24d1c8f03c16d42bcd9ba4e393802b2cc6b43
fad672e88bc51db52fe1a1a949e9e5af70ea5ec010a1be1ecd1deb54d593cc8c
GET /img/footer-socmed-4.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:56 GMT
Accept-Ranges: bytes
Content-Length: 1240
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/footer-socmed-5.png
173.249.45.65200 OK 908 B URL HTTP/1.1 1.kyudiezdf1.cf/img/footer-socmed-5.png
IP 173.249.45.65:0
File type PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c03fbdb681a30ba337e755ef542b08f
e2297377e89bd6b6627507e228ccd8eab443bfa5
bdf47d624e19676f645ae87439ae3ecd6f31519904b67ab17f1e62b6d3366541
GET /img/footer-socmed-5.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:58 GMT
Accept-Ranges: bytes
Content-Length: 908
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/rewards/12.png
173.249.45.65200 OK 263 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/12.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 263 kB (263358 bytes)
Hash 9e297ff24155072b66dde55433047e79
fd7eb5ad17c5a45b91167b8ad55967807b66d47e
5f5a8aa15ff168c57ea6faaeec001e88c5d19f92c12406497dd1fa6feb341218
GET /img/rewards/12.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:34 GMT
Accept-Ranges: bytes
Content-Length: 263358
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/footer-socmed-6.png
173.249.45.65200 OK 4.3 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/footer-socmed-6.png
IP 173.249.45.65:0
File type PNG image data, 184 x 140, 8-bit/color RGBA, non-interlaced\012- data
Hash 27eb10858d473bfd39cca3251fe35a26
f472c341ec3696a0c7bb85799495995ff72f941f
e0e93e88b46229223de82294608854d6578f0ade6f696b31f830cda37aae9b0e
GET /img/footer-socmed-6.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:58 GMT
Accept-Ranges: bytes
Content-Length: 4316
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/popup-box-bg.png
173.249.45.65200 OK 197 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/popup-box-bg.png
IP 173.249.45.65:0
File type PNG image data, 1200 x 494, 8-bit/color RGBA, non-interlaced\012- data
Size 197 kB (197340 bytes)
Hash 5d59f791b9edc8ca964d93e3b7561428
67f79028db1fe1121a651895b1375c0dbd4915d2
e5c022dcf8fa2728a24e4d119d76dbc383faa42b305450bb7dc096e9736883ea
GET /img/popup-box-bg.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:04 GMT
Accept-Ranges: bytes
Content-Length: 197340
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c39e5f1c325e73e69efd1e1f27c264e2
a2a3516cd183e4680e15979dbace203c44edd518
30a817cbad0436b91c95e9f4761f5c79edf716e94b870da205e030f170fef10d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30A817CBAD0436B91C95E9F4761F5C79EDF716E94B870DA205E030F170FEF10D"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4321
Expires: Fri, 23 Sep 2022 20:57:14 GMT
Date: Fri, 23 Sep 2022 19:45:13 GMT
Connection: keep-alive
1.kyudiezdf1.cf/img/rewards/7.png
173.249.45.65200 OK 431 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/rewards/7.png
IP 173.249.45.65:0
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 431 kB (431383 bytes)
Hash ad60e8fa12e882edf283ad83294f8fe5
0bdddfcc2a59fe2147d6c59110ab405dadcb6881
cf9f4c2131480181c2351106b035ca2d7aaf7e9b4fa2aaa77acf781fda7c9525
GET /img/rewards/7.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:30 GMT
Accept-Ranges: bytes
Content-Length: 431383
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 19:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.kyudiezdf1.cf/img/popup-footer.png
173.249.45.65200 OK 64 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/popup-footer.png
IP 173.249.45.65:0
File type PNG image data, 1200 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 05bdc2e7a9b5a2adb0a0a6e74ef9b4fc
67aa09624c4466e018d7fa63f130ac951ddf5c5b
de9fe257e692daa75a0ddf6164ae6171c1d2f7eaab98cf5b0b2e5479b0195fa2
GET /img/popup-footer.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:06 GMT
Accept-Ranges: bytes
Content-Length: 64086
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/img/btn-on.png
173.249.45.65200 OK 11 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/btn-on.png
IP 173.249.45.65:0
File type PNG image data, 252 x 82, 8-bit colormap, non-interlaced\012- data
Hash 47b5981fe1e6139a4e5b2c9960143740
b6ed0c5c1bd07d0006770141972799e163a4aae0
3bc271d6a3d7ee4df7a4aa8ffe694c8ac720fb70cf5c9f235bf755cb6343dfef
GET /img/btn-on.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:08:50 GMT
Accept-Ranges: bytes
Content-Length: 11056
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
1.kyudiezdf1.cf/media/header.mp4
173.249.45.65206 Partial Content 60 kB URL HTTP/1.1 1.kyudiezdf1.cf/media/header.mp4
IP 173.249.45.65:0
Hash 198a6cd0109b2157b98e9ae91297ee2f
bd2486ec7501016fd8b49af1c5dbb4d5fd4c075a
74b039c5458548a76e3759dfc9a26665fc28b6aaceab9c5498eff43c4168932e
GET /media/header.mp4 HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=7176192-
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:15:40 GMT
Accept-Ranges: bytes
Content-Length: 59547
Content-Range: bytes 7176192-7235738/7235739
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: video/mp4
www.pubgmobile.com/en/images/footer_link_bg.png
23.36.76.227200 OK 1.6 kB URL HTTP/2 www.pubgmobile.com/en/images/footer_link_bg.png
IP 23.36.76.227:0
ASN #20940 Akamai International B.V.
File type PNG image data, 560 x 127, 8-bit/color RGBA, non-interlaced\012- data
Hash 92ae645b6114492e8c1c5464d949466a
1d27f2644c0f5e899e9478c78136a9bc94131150
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417
GET /en/images/footer_link_bg.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1630
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-65e"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=300
expires: Fri, 23 Sep 2022 19:50:13 GMT
date: Fri, 23 Sep 2022 19:45:13 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_download.svg
23.36.76.227200 OK 485 B URL HTTP/2 www.pubgmobile.com/en/images/nav_download.svg
IP 23.36.76.227:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Hash 105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 19:45:13 GMT
content-length: 485
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_language.svg
23.36.76.227200 OK 675 B URL HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP 23.36.76.227:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash 77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 19:45:13 GMT
content-length: 675
X-Firefox-Spdy: h2
1.kyudiezdf1.cf/img/login-Method2.png
173.249.45.65200 OK 4.3 kB URL HTTP/1.1 1.kyudiezdf1.cf/img/login-Method2.png
IP 173.249.45.65:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /img/login-Method2.png HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 19:45:13 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:09:00 GMT
Accept-Ranges: bytes
Content-Length: 4298
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.pubgmobile.com/en/images/nav_menu.svg
23.36.76.227200 OK 426 B URL HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg
IP 23.36.76.227:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Hash 76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 19:45:13 GMT
content-length: 426
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_shop.svg
23.36.76.227200 OK 526 B URL HTTP/2 www.pubgmobile.com/en/images/nav_shop.svg
IP 23.36.76.227:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 19:45:13 GMT
content-length: 526
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.227200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.227:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=294
expires: Fri, 23 Sep 2022 19:50:07 GMT
date: Fri, 23 Sep 2022 19:45:13 GMT
X-Firefox-Spdy: h2
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Fri, 23 Sep 2022 19:45:13 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 24 Sep 2022 19:21:53 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Fri, 23 Sep 2022 21:45:13 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Fri, 23 Sep 2022 19:45:13 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 24 Sep 2022 19:21:53 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Fri, 23 Sep 2022 21:45:13 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qxSHI1oO9z19BFAga3mLCg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yThLfWTpuFe83Ft2p3RS+gz7Ih8=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:45:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:45:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:45:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 19:45:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 79012
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 77606
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 78718
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 77866
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 77628
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 77627
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1.kyudiezdf1.cf/media/header.mp4
173.249.45.65206 Partial Content 0 B URL HTTP/1.1 1.kyudiezdf1.cf/media/header.mp4
IP 173.249.45.65:0
GET /media/header.mp4 HTTP/1.1
Host: 1.kyudiezdf1.cf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Fri, 23 Sep 2022 19:45:12 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 08:15:40 GMT
Accept-Ranges: bytes
Content-Length: 7235739
Content-Range: bytes 0-7235738/7235739
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: video/mp4
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.kyudiezdf1.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 19:45:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9409066
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f5c7849b07b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2