tei.ai/ZZdbWQ
172.67.196.138301 Moved Permanently 0 B IP 172.67.196.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZZdbWQ HTTP/1.1
Host: tei.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 19:16:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 20:16:09 GMT
Location: https://tei.ai/ZZdbWQ
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2Ba%2BgNSrXJgeCrKSnJf6OBXvhdoueCGfeAzCVqSL4Q89gBNbM703Ld5db%2F%2B4X69h2Me9CwSphnHb6pm6p4eNEloer7EPfLGjGTtk2%2FsqScxnY3y26pLjkxY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74614c362a9ab50b-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 18:44:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mFeJYK-_8qHh4-OnR8rLsb3ixzINb23-UnlCcwGYju_53MxGAxV8Tg==
Age: 1874
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3736
Expires: Mon, 05 Sep 2022 20:18:25 GMT
Date: Mon, 05 Sep 2022 19:16:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rUkS9Ra3Fwzzl17AvUZ6HWMzZn81IhJ3Yi7n0lmWG34H179etttlWg==
age: 64852
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 18:38:16 GMT
Expires: Mon, 05 Sep 2022 19:28:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W5NdIl_qIPD6zSeKevc91ySVO6HVwL6BzlUlrFW5PqLCI49tF45xew==
Age: 2273
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5409
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:16:10 GMT
Last-Modified: Mon, 05 Sep 2022 17:46:01 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1oviS0nsAOTCgmDTwuCfoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zec7gg5ed7EJUopRm2J6V0EtZFE=
ckk.ai/ZZdbWQ
172.67.214.204200 OK 110 kB IP 172.67.214.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63089), with CRLF, LF line terminators
Size 110 kB (109582 bytes)
Hash fd474c408a8cf4c7b5c57c0d84f76559
a6196138e274aa29bbfe3794b3c96427ed89515d
efa08a8aab340939f7dc5aee462dcf2f31b6b5ad5ff7dbe3e808bb1d538a9050
GET /ZZdbWQ HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:16:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=89695c98f4fa4db98394d3ae9e6a0aab; path=/; HttpOnly; secure
refZZdbWQ=YWVjZTc2NGMyNjJiN2ZmNGNiMjgxMDJiMTJlYzIzYWUwMzBlNjJkZTM3MmFhMWU2NWRjMjk5MmFmOWNkZmE4ZpBPlel6%2F9hwBZb1reNytln%2F0528T8aq6wX2oLb4CBeI; expires=Mon, 05-Sep-2022 19:21:08 GMT; Max-Age=300; path=/; HttpOnly; secure
csrfToken=96341be1a2b37b0ed6c6bc5c427b6d43197111bed36f7bd024762e33f1a9528a4df7f5f990b7114a89a809f154d342268d62008d459c9140de4b686ca0b05a61; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBOAKp5rihLnB1mN6S8GlYCbLvn2cnqX1vtWKyJ6kdCJccWAZJXlCeoeKFoCT8ymQcpyxdQb1bHcx12CYnLc7IYSBWJASk7d5AWDW61DsjLEIyFm1Lc4%2Bq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74614c3af9c50b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4f7c324fb8ab807c1a0df3ba0bc3601
3aaf5e3ef0733938331fb762722e1e17baa371a0
d3d3b2041a12ee41838daa16bc88b2d397fcb627f7c247d9bb0f147e4c522fcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3D3B2041A12EE41838DAA16BC88B2D397FCB627F7C247D9BB0F147E4C522FCB"
Last-Modified: Mon, 05 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3099
Expires: Mon, 05 Sep 2022 20:07:50 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 87 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5889693e49638f05f6af1150b7430224
72c7995ac47579daf5a20baa17d632753c2956be
a3f3b2503256fb35ffe48eca48f30b3a471f55fb2edd138c64c62ccf99c8478c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67A714240D99CAAA9C3635D80993671B402B47D82E11D9668D3C8A71394BF599"
Last-Modified: Mon, 05 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1070
Expires: Mon, 05 Sep 2022 19:34:01 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 70a2b5e9d14d587abebcef759038a054
d9007c71f00c05995dec540bedeba407f1bc4350
8a9a1eb5598eea447e9125d3064620d48c4a3d2b6435686f6c75a7b153ea4ee0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3911
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:16:11 GMT
Last-Modified: Mon, 05 Sep 2022 18:11:00 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trustbummler.com/tSXyF1oQpqC/14504
23.109.87.182200 OK 25 B URL HTTP/1.1 trustbummler.com/tSXyF1oQpqC/14504
IP 23.109.87.182:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
Analyzer Verdict Alert quad9 Sinkholed
GET /tSXyF1oQpqC/14504 HTTP/1.1
Host: trustbummler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 19:16:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 06-Sep-2022 19:16:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 06-Sep-2022 19:16:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
www.googletagmanager.com/gtag/js?id=UA-113561579-8
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-113561579-8
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 99e22228780680eec2e2a26c50de027b
903a2142e12ac9af5bf3909265913e9a9f65007f
f0af42bf12356520c8dea0cc7bd71086da1f6b88f07fa6ca12b329cd0503765f
GET /gtag/js?id=UA-113561579-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 19:16:11 GMT
expires: Mon, 05 Sep 2022 19:16:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d6fdc8a8b1a7e76800258dfd2c57815
10990a232d75148f51a56193a6f6cd8422c0beb9
616305c23d1eb9aaca9e2c76665745be94ed4e68cf0456e8cd290b62c4255965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "616305C23D1EB9AACA9E2C76665745BE94ED4E68CF0456E8CD290B62C4255965"
Last-Modified: Sat, 03 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11774
Expires: Mon, 05 Sep 2022 22:32:25 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
forfrogadiertor.com/400/3487732
139.45.197.239200 OK 33 kB URL HTTP/2 forfrogadiertor.com/400/3487732
IP 139.45.197.239:0
Hash 2f700bf677e5ee9ab90e5f7e915f70d4
75a8e4c2140e52bfd3bf44b7d4643244403a3caf
7c45e3166cf84113223fdc3b2798c0f90c05f12955a4dc655b5d99ca7f7b34a8
GET /400/3487732 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/javascript
x-trace-id: f184685341eb15f7d86b966dfde41bbb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5eaa8a25b98a46fa9f6a81c51b4b54b3; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/42/38?z=5324394
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/42/38?z=5324394
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /42/38?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=cb377d75da884f5a8445b59a5805e03c; oaidts=1662405371
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 185d33d564050f924fc4469c2a04b356
access-control-expose-headers: X-Sc
set-cookie: OAID=cb377d75da884f5a8445b59a5805e03c; expires=Tue, 05 Sep 2023 19:16:11 GMT; secure; SameSite=None
oaidts=1662405371; expires=Tue, 05 Sep 2023 19:16:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash aa55dd0f6989a8bd8e6e8da2863bb1c7
cb813e3cc5007a8108c86b44d9d20d9fa478225b
6d4f8fb4512b8449f85904315d07e30d6cc7b717ae35cf2b8d8a8d1729367f6a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:16:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 15:02:17 GMT
Expires: Mon, 12 Sep 2022 15:02:16 GMT
Etag: "cb813e3cc5007a8108c86b44d9d20d9fa478225b"
Cache-Control: max-age=588964,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74614c4269edb4f9-OSL
cdn.itskiddoan.club/apu.php?zoneid=5225632
139.45.197.236200 OK 43 kB URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5225632
IP 139.45.197.236:0
Hash 39d4cfcee9a7e373cf84f6cfac21f3b8
903944e152fd4e5be6de75bd715fefc74b3af519
8b043ce11597ffcc26eacf9ff58a5e977b047cf5e4591b3a070de547725f3799
GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/javascript
x-trace-id: d2aa8824926b01046934fdde64833ee2
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
oaidts=1662405371; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f737137044bf8723f08c0b0c0cc15e3
09b1739b0233cae6ac367553916a0ccbde27358c
17993f56eb56931d57d8b45ba9b08ef9dc5fdb6066dcc4107a21036238b32f76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.418.0-rc
139.45.197.234200 OK 1.9 kB URL HTTP/2 bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.418.0-rc
IP 139.45.197.234:0
File type JSON data\012- , ASCII text, with very long lines (3675), with no line terminators
Hash 1a5b74d5960d6f833ef4c88d744f0a5c
52bd4ea8598f4636d9a1b4baa1307f1d56940c85
cebbd51a967b6de5f29b640e0c59e4f2bb678f379ab376a1e88446978bb95d6c
GET /5/3491150/?oo=1&js_build=iclick-v1.418.0-rc HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/json
x-trace-id: 829faad622e9db642c351f0d01452241
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=78e85d07b9b74f0b9f4c94fcc80d1b74; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
oaidts=1662405371; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fd944ad9edbb7770260667b57cb847f
08608fa66c9e27a18fd26ba461cca69a28d6577d
067aec0afc452184026d30eb229a36dccbc4303bd1620ebab03a5c43e8502777
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "067AEC0AFC452184026D30EB229A36DCCBC4303BD1620EBAB03A5C43E8502777"
Last-Modified: Sun, 04 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13057
Expires: Mon, 05 Sep 2022 22:53:48 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 996389d82ecc630d72606e26c23724f7
27b79395dd6c09259a4a287e436c38878a74084f
dda2fc747e2f476199f882575f2dce3507d5c58751b4e282b8b7bf3fd981289f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDA2FC747E2F476199F882575F2DCE3507D5C58751B4E282B8B7BF3FD981289F"
Last-Modified: Mon, 05 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13212
Expires: Mon, 05 Sep 2022 22:56:23 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 156d7d83d2899889ec3b3a297affd8fa
79aed08f4a4cde43e6ae986d17fc4fd378b72c27
20de311d8c7424285f0b7890d40ea46352e66fba0844e0f4fda134c8ef8eea50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.uponelectabuzzor.club/1?z=5251403
139.45.197.239404 Not Found 7 B URL HTTP/2 cdn.uponelectabuzzor.club/1?z=5251403
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash 3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4
GET /1?z=5251403 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 3b473a997536f7bf4dc3703cf92d089c
access-control-expose-headers: X-Sc
x-sc: 4KdnrdofxFOHMlcU
set-cookie: scm=1; expires=Tue, 05 Sep 2023 19:16:11 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d7e6d6f714c30fc35359c05ddbf72bb
9d168e385447f25ed566aca84b3245d30498b221
d179621c3fd23e710cad80f5bf4af30b72361a737e98d441756fb52c0999153f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D179621C3FD23E710CAD80F5BF4AF30B72361A737E98D441756FB52C0999153F"
Last-Modified: Sat, 03 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2471
Expires: Mon, 05 Sep 2022 19:57:22 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 912f9a32166cf6d4e458969545df501d
6cecdd7246361b80f2464910ba31ee1f4381ee7d
58d632863a6aab3b308ad380f47595e74120f4495f48e83e89647e4f42533fa3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:16:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 06:25:21 GMT
Expires: Mon, 12 Sep 2022 06:25:20 GMT
Etag: "6cecdd7246361b80f2464910ba31ee1f4381ee7d"
Cache-Control: max-age=557948,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74614c445db7b4f9-OSL
my.rtmark.net/gid.js?userId=47ecaf57e902412c9bd06609d1485b0a
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=47ecaf57e902412c9bd06609d1485b0a
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3860d49cabbf048a42cf1b35c5ded721
2baa10f4e85e348647c0efc502b9816d14c84254
d84b1f6727b8671a2c29338a102948e08d6e58804e210962474930f53a716b09
GET /gid.js?userId=47ecaf57e902412c9bd06609d1485b0a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15764
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15764
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15764
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15764
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:16:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 4195
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJTKTh88iyFXAiPJ-tCCEbqBo3A1cuTj2gCbfHkaVZ1WcgMOTyFfVg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 23:06:26 GMT
age: 72585
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
punoocke.com/401/5292343
139.45.197.236200 OK 36 kB IP 139.45.197.236:0
Hash 303b562334838ed7138b521a214d0a8b
48982e3c0a0a5f2fb2a552c1982e0c75b7d59caf
1f0ba88bcc0ab475bc775a6f06a8dffdf6561cb136aad925e0c53005095ac187
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5292343 HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/javascript
x-trace-id: 5afcc3bb67fa99b7942b915be79d6b95
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5533c39fbc7148178aa83abae71c875a; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 77200
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 76880
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 14:38:13 GMT
age: 16678
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
punoocke.com/401/5292343
139.45.197.236200 OK 190 kB IP 139.45.197.236:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 190 kB (189806 bytes)
Hash 391fa1d99a01dd9990dfedd45c848764
dff8edfaf72ab5b88431be1ee69a235f8cdef105
2c091e8f1ed1c98ee45ed558cf3a1a29aaf00aede837eb86ec255fa7d4a4d5da
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5292343 HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/javascript
x-trace-id: d9a5dde03b1feed86ae7f21c9c700192
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c0f08c98924d4fb3a72a9b34568d6100; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 05 Sep 2022 18:41:12 GMT
expires: Mon, 05 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 2099
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:16:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=47ecaf57e902412c9bd06609d1485b0a
139.45.197.242204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=47ecaf57e902412c9bd06609d1485b0a
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=47ecaf57e902412c9bd06609d1485b0a HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc9e7bfe6510fd6d8a802a97acff21a7
93c41b8c11c9ddea9571db3582cdb5755e7045a4
bab9b67b111815599e6118c35d186da6bff613856101d065117fa27c5a363b11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAB9B67B111815599E6118C35D186DA6BFF613856101D065117FA27C5A363B11"
Last-Modified: Sun, 04 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5010
Expires: Mon, 05 Sep 2022 20:39:42 GMT
Date: Mon, 05 Sep 2022 19:16:12 GMT
Connection: keep-alive
forfrogadiertor.com/500/3487732?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/3487732?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/3487732?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=1175370225&z=5324394&b=14712565&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=Ju5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA==&ruid=cab0e72f-d56e-4bc3-a5ee-3561cf0fd489&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=93
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=1175370225&z=5324394&b=14712565&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=Ju5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA==&ruid=cab0e72f-d56e-4bc3-a5ee-3561cf0fd489&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=93
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1175370225&z=5324394&b=14712565&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=Ju5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA==&ruid=cab0e72f-d56e-4bc3-a5ee-3561cf0fd489&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=93 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=47ecaf57e902412c9bd06609d1485b0a; oaidts=1662405371
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5910ac44b411ee846b954f79886e4abf
access-control-expose-headers: X-Sc
set-cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:12 GMT; secure; SameSite=None
oaidts=1662405371; expires=Tue, 05 Sep 2023 19:16:12 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
belickitungchan.com/500/5292343?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 belickitungchan.com/500/5292343?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5292343?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 802a5c09ca2e921bfdcd304944277006
90cac7f0e305f2bf520dd97df1c908bd8f5ecfc8
a5970de89cad194d8e37f1fcc88b92284b7374bc66779833c83ac85fafb4dc6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5970DE89CAD194D8E37F1FCC88B92284B7374BC66779833C83AC85FAFB4DC6E"
Last-Modified: Sat, 03 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3389
Expires: Mon, 05 Sep 2022 20:12:41 GMT
Date: Mon, 05 Sep 2022 19:16:12 GMT
Connection: keep-alive
offerimage.com/www/images/96d73cf80f752e9319997c6e575c3b82.jpeg
104.22.32.172200 OK 11 kB URL HTTP/2 offerimage.com/www/images/96d73cf80f752e9319997c6e575c3b82.jpeg
IP 104.22.32.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 96d73cf80f752e9319997c6e575c3b82
3dcf9d3b3e94698a842b1a98de17a02a8c3b4457
44dc0e0d92f12e669842f12722ca1a1848fb4be50deabd86c7d9deb64946db86
GET /www/images/96d73cf80f752e9319997c6e575c3b82.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: image/jpeg
content-length: 11449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "627e5574-2cb9"
expires: Tue, 06 Sep 2022 03:52:33 GMT
last-modified: Fri, 13 May 2022 12:56:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 55418
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74614c48fa9d993e-ARN
X-Firefox-Spdy: h2
offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
104.22.32.172200 OK 66 kB URL HTTP/2 offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
IP 104.22.32.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d08aacb36c7474e0d13b60f8f4adc14
e4af2de372b5e3a2211579a5973ef7ed160e7be4
54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: image/png
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Tue, 06 Sep 2022 12:18:01 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 25091
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74614c490ac3993e-ARN
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/61/fb/a8/06d3838a8e7328637cdf083bfe/01544696481452.jpeg
139.45.197.153200 OK 27 kB URL HTTP/2 interstitial-07.com/contents/s/61/fb/a8/06d3838a8e7328637cdf083bfe/01544696481452.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 61fba806d3838a8e7328637cdf083bfe
29223df1380b7ac41aa9e510b5b8da3b93a64a3d
074f763f32383523ea0b0286393a392bac1a007ca8ebdbcab0fde8903311e230
GET /contents/s/61/fb/a8/06d3838a8e7328637cdf083bfe/01544696481452.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=B5iDxSzEGheItET&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2472249021%26z%3D5324394%26b%3D14712565%26c%3D6052108%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D286%2526key%253Dd89a07eda2fcee8fdad966c85b07f5be%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DJu5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA%3D%3D%26bag%3D2Vtk9xF_Ft9oNvl2qEPeRQ%3D%3D%26ruid%3Dcab0e72f-d56e-4bc3-a5ee-3561cf0fd489%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FZZdbWQ%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: image/jpeg
content-length: 27414
last-modified: Sun, 04 Sep 2022 14:43:51 GMT
etag: "6314b9a7-6b16"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d3f119e90267b7b692ff0388e26f459
ba7b92dcaf9f8fa486696bfbdfe2aeec828280ce
2ffb52afe2c56c275517da446c80f869ad97b9edd32566e67022374cfaa6f0b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FFB52AFE2C56C275517DA446C80F869AD97B9EDD32566E67022374CFAA6F0B4"
Last-Modified: Sat, 03 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10217
Expires: Mon, 05 Sep 2022 22:06:29 GMT
Date: Mon, 05 Sep 2022 19:16:12 GMT
Connection: keep-alive
interstitial-07.com/contents/s/ab/fa/f4/ccaf51b3a7f4db87375797d8ac/01288136168377.jpeg
139.45.197.153200 OK 64 kB URL HTTP/2 interstitial-07.com/contents/s/ab/fa/f4/ccaf51b3a7f4db87375797d8ac/01288136168377.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash abfaf4ccaf51b3a7f4db87375797d8ac
c9eaed01c43105b6f5dc88ec2a30137feb67ad5b
8c3870246869bd639c08bd41c8eb5e60448419d448469551a8251f4fb8f7778e
GET /contents/s/ab/fa/f4/ccaf51b3a7f4db87375797d8ac/01288136168377.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=B5iDxSzEGheItET&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2472249021%26z%3D5324394%26b%3D14712565%26c%3D6052108%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D286%2526key%253Dd89a07eda2fcee8fdad966c85b07f5be%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DJu5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA%3D%3D%26bag%3D2Vtk9xF_Ft9oNvl2qEPeRQ%3D%3D%26ruid%3Dcab0e72f-d56e-4bc3-a5ee-3561cf0fd489%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FZZdbWQ%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: image/jpeg
content-length: 64281
last-modified: Sat, 02 Apr 2022 01:58:38 GMT
etag: "6247adce-fb19"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
forfrogadiertor.com/500/3487732?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 3.3 kB URL HTTP/2 forfrogadiertor.com/500/3487732?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6664), with no line terminators
Hash 2edd23f3775b0429a1544ad72b248eb2
c8899c81c54174f40db78f79df55378dea5a8966
701ac6096cf53e928efae3234f163ef55dd50364f32cbc68eebe1e1ce6c529b4
GET /500/3487732?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=5eaa8a25b98a46fa9f6a81c51b4b54b3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: application/javascript
x-trace-id: 6eacce397d0c06ce1f32e0c30f7b3073
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=1175370225&z=5324394&b=14712565&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=Ju5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA==&ruid=cab0e72f-d56e-4bc3-a5ee-3561cf0fd489&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=1175370225&z=5324394&b=14712565&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=Ju5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA==&ruid=cab0e72f-d56e-4bc3-a5ee-3561cf0fd489&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1175370225&z=5324394&b=14712565&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=Ju5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA==&ruid=cab0e72f-d56e-4bc3-a5ee-3561cf0fd489&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=47ecaf57e902412c9bd06609d1485b0a; oaidts=1662405371
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2a3fa1584abba85d77ae39486617a833
access-control-expose-headers: X-Sc
set-cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:12 GMT; secure; SameSite=None
oaidts=1662405371; expires=Tue, 05 Sep 2023 19:16:12 GMT; secure; SameSite=None
oaidvc=1; expires=Tue, 05 Sep 2023 19:16:12 GMT; secure; SameSite=None
CNT=1_v1_9X7gAAEAAAAoSwAA; expires=Mon, 05 Sep 2022 20:16:12 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 555f906030062987a208191efe1dfb90
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
belickitungchan.com/impression/YlVhBtkumb2o_a2iJpsna8agG9wiuvjHVPXtmhGFqx1SSfJYNwpuVSaJyJeHwOpjV3KSu7w3zrlcYrPSfZr9wkX3iBQBjlTn89a4habmMokb8qR4mBpb1N7BQK8nLy68c8eDJfFTjZl40IdZZV7vaAraHgup6VMLnjLG4ljRtCwZBAptnU144sWehezi9uAJVRggZjtJxDUkHX94SjzAHkyrBg4J1sm0J79eZvc5I1mXyEr_TO-_z1B4W3BfYHnRpjxWsK7JI5r24i4pXWAS9CJaqSVkxPN653N9AOBHkVdIsj_t_g9Tuxky0hagfE-OWFtM3Nex2OtgG1IfJKUyG8RxvnbyYIYH8Z2n60eWDNjxH0bMH3_cTrPP4JoC00Xywdon2223L6NPnnNFyIOVKr9mLsOL863Q4iNPdVbElWK4Eh9nvp3W55RlTQhlBQ-ffCrZqozz_y0J0rDTWPFgHLNvmdw7TSwn56loENcv8hs5yFBZJ3piSwiWtYW0_BRWpI7diewUiybYDLidwACUUxT5ug8raSqxQZyNkAwvLcO8AQl8l4-0Y-IeGfpaUB40G5HNUGxs0qLjmOzhSMc5Pg==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 belickitungchan.com/impression/YlVhBtkumb2o_a2iJpsna8agG9wiuvjHVPXtmhGFqx1SSfJYNwpuVSaJyJeHwOpjV3KSu7w3zrlcYrPSfZr9wkX3iBQBjlTn89a4habmMokb8qR4mBpb1N7BQK8nLy68c8eDJfFTjZl40IdZZV7vaAraHgup6VMLnjLG4ljRtCwZBAptnU144sWehezi9uAJVRggZjtJxDUkHX94SjzAHkyrBg4J1sm0J79eZvc5I1mXyEr_TO-_z1B4W3BfYHnRpjxWsK7JI5r24i4pXWAS9CJaqSVkxPN653N9AOBHkVdIsj_t_g9Tuxky0hagfE-OWFtM3Nex2OtgG1IfJKUyG8RxvnbyYIYH8Z2n60eWDNjxH0bMH3_cTrPP4JoC00Xywdon2223L6NPnnNFyIOVKr9mLsOL863Q4iNPdVbElWK4Eh9nvp3W55RlTQhlBQ-ffCrZqozz_y0J0rDTWPFgHLNvmdw7TSwn56loENcv8hs5yFBZJ3piSwiWtYW0_BRWpI7diewUiybYDLidwACUUxT5ug8raSqxQZyNkAwvLcO8AQl8l4-0Y-IeGfpaUB40G5HNUGxs0qLjmOzhSMc5Pg==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/YlVhBtkumb2o_a2iJpsna8agG9wiuvjHVPXtmhGFqx1SSfJYNwpuVSaJyJeHwOpjV3KSu7w3zrlcYrPSfZr9wkX3iBQBjlTn89a4habmMokb8qR4mBpb1N7BQK8nLy68c8eDJfFTjZl40IdZZV7vaAraHgup6VMLnjLG4ljRtCwZBAptnU144sWehezi9uAJVRggZjtJxDUkHX94SjzAHkyrBg4J1sm0J79eZvc5I1mXyEr_TO-_z1B4W3BfYHnRpjxWsK7JI5r24i4pXWAS9CJaqSVkxPN653N9AOBHkVdIsj_t_g9Tuxky0hagfE-OWFtM3Nex2OtgG1IfJKUyG8RxvnbyYIYH8Z2n60eWDNjxH0bMH3_cTrPP4JoC00Xywdon2223L6NPnnNFyIOVKr9mLsOL863Q4iNPdVbElWK4Eh9nvp3W55RlTQhlBQ-ffCrZqozz_y0J0rDTWPFgHLNvmdw7TSwn56loENcv8hs5yFBZJ3piSwiWtYW0_BRWpI7diewUiybYDLidwACUUxT5ug8raSqxQZyNkAwvLcO8AQl8l4-0Y-IeGfpaUB40G5HNUGxs0qLjmOzhSMc5Pg==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=47ecaf57e902412c9bd06609d1485b0a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:16 GMT
content-type: image/gif
content-length: 43
x-trace-id: 91aaeefe9d24077847f5290bdc840a1c
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5231760bb81282416f2bd27a4261099e
e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9
e0762821086503aef75013b60a4e340d6fbf9b1006fc7f8b4e079440afce8c67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10770
x-amzn-requestid: c6d80cff-8d44-4589-bcf1-1f5a0ab199b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GH4IAMF6KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-2628cc83263aeeb14ce444ef;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eEuQFQAkBAHlIYBRrvaJ1qjT09ezTNaL67wa77h1wS8fHc5oWi91aQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:28 GMT
age: 77450
etag: "e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.itskiddoan.club/apu.php?zoneid=5225632
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5225632
IP 139.45.197.236:0
GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; oaidts=1662405371
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/javascript
x-trace-id: 75143fa3fd6c0e6b51529a9bf01f8ef9
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
oaidts=1662405371; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=N2hwRBXfbQytu3lNMEgdx4Z_l9kX9a5sv7NVw5CxSsymxvS4zOHhuqkvf4HAUpIP2ZMx8lffmRCIf1xq3Qu_N7VUb-MAzUroDs75JsG4Th1cyXCkW7K0QaXIq8X2CDyjNbywrx0euOQSWzMDmp0Nk6PAnESdgO_TIqArlv5W6ESgxSBq34AEn6pUdzeQmk-Cm231-QlWeraUk22-WQXUZg%3D%3D&request_ab2=0&zoneid=3491150&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=8e730a55-941a-4673-a13f-e26c6dfa4d41&userId=47ecaf57e902412c9bd06609d1485b0a&m=link
139.45.197.243200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=N2hwRBXfbQytu3lNMEgdx4Z_l9kX9a5sv7NVw5CxSsymxvS4zOHhuqkvf4HAUpIP2ZMx8lffmRCIf1xq3Qu_N7VUb-MAzUroDs75JsG4Th1cyXCkW7K0QaXIq8X2CDyjNbywrx0euOQSWzMDmp0Nk6PAnESdgO_TIqArlv5W6ESgxSBq34AEn6pUdzeQmk-Cm231-QlWeraUk22-WQXUZg%3D%3D&request_ab2=0&zoneid=3491150&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=8e730a55-941a-4673-a13f-e26c6dfa4d41&userId=47ecaf57e902412c9bd06609d1485b0a&m=link
IP 139.45.197.243:0
GET /?rb=N2hwRBXfbQytu3lNMEgdx4Z_l9kX9a5sv7NVw5CxSsymxvS4zOHhuqkvf4HAUpIP2ZMx8lffmRCIf1xq3Qu_N7VUb-MAzUroDs75JsG4Th1cyXCkW7K0QaXIq8X2CDyjNbywrx0euOQSWzMDmp0Nk6PAnESdgO_TIqArlv5W6ESgxSBq34AEn6pUdzeQmk-Cm231-QlWeraUk22-WQXUZg%3D%3D&request_ab2=0&zoneid=3491150&js_build=iclick-v1.418.0-rc&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.418.0-rc&bs=8e730a55-941a-4673-a13f-e26c6dfa4d41&userId=47ecaf57e902412c9bd06609d1485b0a&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: application/json
x-trace-id: 64ca9a7ddd1e5ae260e05c00a2d08a7b
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:12 GMT; path=/; secure; SameSite=None
oaidts=1662405372; expires=Tue, 05 Sep 2023 19:16:12 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 12 Sep 2022 19:16:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
belickitungchan.com/500/5292343?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 belickitungchan.com/500/5292343?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5292343?excludes=&oaid=47ecaf57e902412c9bd06609d1485b0a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=25dd683ad9694dc19088377ca1a5a237
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: application/javascript
x-trace-id: 29a40959fae700be3fb8a4eba9cdc428
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=B5iDxSzEGheItET&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2472249021%26z%3D5324394%26b%3D14712565%26c%3D6052108%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D286%2526key%253Dd89a07eda2fcee8fdad966c85b07f5be%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DJu5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA%3D%3D%26bag%3D2Vtk9xF_Ft9oNvl2qEPeRQ%3D%3D%26ruid%3Dcab0e72f-d56e-4bc3-a5ee-3561cf0fd489%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FZZdbWQ%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.153200 OK 0 B URL HTTP/2 interstitial-07.com/?l=B5iDxSzEGheItET&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2472249021%26z%3D5324394%26b%3D14712565%26c%3D6052108%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D286%2526key%253Dd89a07eda2fcee8fdad966c85b07f5be%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DJu5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA%3D%3D%26bag%3D2Vtk9xF_Ft9oNvl2qEPeRQ%3D%3D%26ruid%3Dcab0e72f-d56e-4bc3-a5ee-3561cf0fd489%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FZZdbWQ%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.153:0
GET /?l=B5iDxSzEGheItET&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2472249021%26z%3D5324394%26b%3D14712565%26c%3D6052108%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D286%2526key%253Dd89a07eda2fcee8fdad966c85b07f5be%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DJu5IAoacneQdCOSu8XKVhyeWLbhMRSzDgyw2-9rGPiQ3MkaMHExc1aYHnKQJv7G4ZKjSkItQV1VUMYG8nByolQxf-_P8FAbcMskHvYPBxxEmVyt_m5c4rhkHRAtP071EfswivB7iwa5Bq-YGD7RvnruspBhiAPt076yPCDBqR6ch8-0tLvkyxtxIw7ekVBRwbL-nBahrMYt0tVtC9u3ALNBLufXJ3DD1O5uGmYfH9JuNnhZeWJnYH0iEx_F3OhnZm8LJHrE6b7knacD_Tfu4TVqHM-zskgZeEYqPv0n-KxVLNTESB-_LZ3JcBb9xWhHDkihq9tckG6qW0TFILtJL7Ps81eEqv3oG4JzO4HM5nu7sBpnUlalkTN9y1MdI3SKRB9SQVvnP8SRyWNjZW6vO1S67X8P-ceJM1LBZmkhhDJp6qiZKZ6FMPDVofeuMPoFL5WgEg-QHtd0qyCbHnSfN6Ylj8pgz8P5KWo5Db2zmn3CT-bKHUiZ_VAsd1CvJqrXW47GuRx-jaBzSXaufAN9qt5IEf0W71TYtB4RHzBIOWnbmUxIz2EGsJkt-tBxXt6XiM06_vAPZa-2JYFhU0qJqK6M2jq4oSQOy8EKqZJbPHHhzt7Bfj0jj_-BLer5mwZuym-Blf6RxFb75VJvwfj5oPA%3D%3D%26bag%3D2Vtk9xF_Ft9oNvl2qEPeRQ%3D%3D%26ruid%3Dcab0e72f-d56e-4bc3-a5ee-3561cf0fd489%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FZZdbWQ%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=hjBMUssP0gEFzmcn6yf5F-vrIQd1_Ahoyh1ZlQEZwmE; expires=Mon, 05-Sep-2022 20:16:12 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
tei.ai/ZZdbWQ
104.21.12.229301 Moved Permanently 0 B IP 104.21.12.229:0
GET /ZZdbWQ HTTP/1.1
Host: tei.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Mon, 05 Sep 2022 19:16:10 GMT
content-type: text/html; charset=UTF-8
location: https://ckk.ai/ZZdbWQ
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlE3WggVOHTUBl9cnXzSN9tWYZG6o1V6FebPYjZrlLaNgxpHcCdBTMGK51AWYOQtAhwRUudIttfXX%2FYOC3GvCSTBPToi%2F5xd%2BF%2BljoHV3H7XAvbOFKx%2B76o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74614c37c9b60b59-OSL
X-Firefox-Spdy: h2
upgulpinon.com/1?z=5324394
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/1?z=5324394
IP 139.45.197.242:0
Analyzer Verdict Alert fortinet Malware
GET /1?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f293f0308f5672f651855a0f43927590
access-control-expose-headers: X-Sc
x-sc: _7CsCA_HuvHOUacqf_o4z-fEHHj2R7JEAnviSJp8eQwcL32ppRretEwkNSTQbyN39R96lxhC4_XmZT25yxtmSt8nLP4=
set-cookie: scm=1; expires=Tue, 05 Sep 2023 19:16:11 GMT; secure; SameSite=None
OAID=cb377d75da884f5a8445b59a5805e03c; expires=Tue, 05 Sep 2023 19:16:11 GMT; secure; SameSite=None
oaidts=1662405371; expires=Tue, 05 Sep 2023 19:16:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
belickitungchan.com/400/5292343
139.45.197.239200 OK 0 B URL HTTP/2 belickitungchan.com/400/5292343
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5292343 HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/javascript
x-trace-id: b5caed457412467d4cb4ea4c1c9d8ada
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=25dd683ad9694dc19088377ca1a5a237; expires=Tue, 05 Sep 2023 19:16:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddoan.club/?rb=QHS70qxC1kmB9FBC9DFbwcMQ6Uq3SB_C8A2zsx4BrY2DgtqBpayMJMzVGcDzWFsJBlfLmmEky0Xld9uCIZ8xByrhnBT1cogmhWoI0AJ9M1GvBAnYsRAENVPHFKgACU9uAui1Y-0_TBtFvkkGVpNwoEH4I8Jq6h-nwm2gsr-qZsC4mg0x3levm97u2PMdQ7HRPTCNI3O7OYCYme79mTTr2w%3D%3D&request_ab2=0&zoneid=5225632&js_build=iclick-v1.421.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.421.0&bs=ad1ce50e-addd-480d-83e7-03fdc625aeb8&userId=47ecaf57e902412c9bd06609d1485b0a&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/?rb=QHS70qxC1kmB9FBC9DFbwcMQ6Uq3SB_C8A2zsx4BrY2DgtqBpayMJMzVGcDzWFsJBlfLmmEky0Xld9uCIZ8xByrhnBT1cogmhWoI0AJ9M1GvBAnYsRAENVPHFKgACU9uAui1Y-0_TBtFvkkGVpNwoEH4I8Jq6h-nwm2gsr-qZsC4mg0x3levm97u2PMdQ7HRPTCNI3O7OYCYme79mTTr2w%3D%3D&request_ab2=0&zoneid=5225632&js_build=iclick-v1.421.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.421.0&bs=ad1ce50e-addd-480d-83e7-03fdc625aeb8&userId=47ecaf57e902412c9bd06609d1485b0a&m=link
IP 139.45.197.236:0
GET /?rb=QHS70qxC1kmB9FBC9DFbwcMQ6Uq3SB_C8A2zsx4BrY2DgtqBpayMJMzVGcDzWFsJBlfLmmEky0Xld9uCIZ8xByrhnBT1cogmhWoI0AJ9M1GvBAnYsRAENVPHFKgACU9uAui1Y-0_TBtFvkkGVpNwoEH4I8Jq6h-nwm2gsr-qZsC4mg0x3levm97u2PMdQ7HRPTCNI3O7OYCYme79mTTr2w%3D%3D&request_ab2=0&zoneid=5225632&js_build=iclick-v1.421.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FZZdbWQ&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.421.0&bs=ad1ce50e-addd-480d-83e7-03fdc625aeb8&userId=47ecaf57e902412c9bd06609d1485b0a&m=link HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; oaidts=1662405371
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:12 GMT
content-type: application/json
x-trace-id: b31fa9348db1ad2fe14087780922feb7
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=47ecaf57e902412c9bd06609d1485b0a; expires=Tue, 05 Sep 2023 19:16:12 GMT; path=/; secure; SameSite=None
oaidts=1662405372; expires=Tue, 05 Sep 2023 19:16:12 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 12 Sep 2022 19:16:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
iclickcdn.com/tag.min.js
172.67.75.9200 OK 0 B IP 172.67.75.9:0
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 0916549f7ff9179570f16c09d4f0e642
cache-control: max-age=86400
last-modified: Thu, 01 Sep 2022 10:00:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 06 Sep 2022 00:04:31 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 69100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tm%2FbEoJ6%2FiKGQy%2FPNfKVOPIJao58pbLCaFpfwUSrBr2X2aalu%2FPncTWyZ%2FmXy7ftIUgyuFhtakgKCA%2Bp2YAtI%2FoSDAH%2B%2Bc8v4s38SvEibmfgtrrle8y7wcfx5NHpbkI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74614c41893ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
upgulpinon.com/27/8ccc88619026835a3c9fe26852e41eb0
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/27/8ccc88619026835a3c9fe26852e41eb0
IP 139.45.197.242:0
Analyzer Verdict Alert fortinet Malware
GET /27/8ccc88619026835a3c9fe26852e41eb0 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=cb377d75da884f5a8445b59a5805e03c; oaidts=1662405371
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:16:11 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 01 Sep 2022 07:56:33 GMT
expires: Thu, 01 Oct 2082 07:56:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2