well-beingforwarriors.org/
35.215.170.152 10 kB URL User Request GET well-beingforwarriors.org/
IP 35.215.170.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25751), with CRLF line terminators
Hash 3f1dac8a47adaa2c83064668d5666e68
16289faa184e85b90baf8ebd31d3c0a1e4decd33
9439639357478b6f92a690ec6871245e445e87f20dbf23c6f52a9e73f96acb6f
Analyzer Verdict Alert openphish Outlook
GET / HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: text/html
Last-Modified: Thu, 25 May 2023 02:44:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"646ecb97-9023"
Content-Encoding: gzip
well-beingforwarriors.org/main.js
35.215.170.152 200 OK 538 B URL GET HTTP/1.1 well-beingforwarriors.org/main.js
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type HTML document, ASCII text, with very long lines (477), with CRLF line terminators
Hash b98718dc9727e09aa8fe2bb13ee305be
c600d936ad9cba3cf9080a27ca56b46a7f288099
b37eda572da0d9c0e8caef336c7226b9148f488cf4529e9cced15f6da9ecc79a
Analyzer Verdict Alert openphish Outlook
GET /main.js HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 May 2023 02:44:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"646ecb97-4d0"
Expires: Fri, 02 Jun 2023 23:01:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
well-beingforwarriors.org/js/vh-check.min.js
35.215.170.152 200 OK 899 B URL GET HTTP/1.1 well-beingforwarriors.org/js/vh-check.min.js
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type ASCII text, with very long lines (899), with no line terminators
Hash 084d7a4663ddc3dc292cb74ab6bdffb5
dd90785ddc845dea020161d5a89e7bebc1281e6a
4fdd6e4cb2c2a3940a3425018c99115cce42bfb99e2eab44aef5ac10ab5c45aa
Analyzer Verdict Alert openphish Outlook
GET /js/vh-check.min.js HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: application/javascript
Content-Length: 899
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-383"
Expires: Fri, 02 Jun 2023 23:01:26 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
well-beingforwarriors.org/js/lazyload.min.js
35.215.170.152 200 OK 2.2 kB URL GET HTTP/1.1 well-beingforwarriors.org/js/lazyload.min.js
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type ASCII text, with very long lines (5231)
Hash 854c52e355fb13af3fd2bae090526756
1029aeaf9be56df1b63abecbf76218ba43e214b7
3d537fb9e273d85d6003624569dd8ed7db095a1ed6cf4988e4c498e112ee236b
Analyzer Verdict Alert openphish Outlook
GET /js/lazyload.min.js HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ed87b1-1498"
Expires: Fri, 02 Jun 2023 23:01:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
well-beingforwarriors.org/js/jquery.onscreen.js
35.215.170.152 200 OK 2.5 kB URL GET HTTP/1.1 well-beingforwarriors.org/js/jquery.onscreen.js
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type ASCII text, with very long lines (6120), with no line terminators
Hash ab0b6e2f1433b363b03dad2feb296bef
2e55372e80db0576dfa84aac1bac7e17e954be4b
558d8b7bd64db0779111105432910945d802cbe1e236341f37e5b1d1f9a6f009
Analyzer Verdict Alert openphish Outlook
GET /js/jquery.onscreen.js HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ed87b1-17e8"
Expires: Fri, 02 Jun 2023 23:01:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
bd51static.com/11sp.js
104.21.37.150 200 OK 426 B
IP 104.21.37.150:80
Requested by http://well-beingforwarriors.org/
File type HTML document, ASCII text, with very long lines (554)
Hash c0ade734701d9db09181bbc8cfcf4652
94c04893016de3c8d6f3e6af12e3998dadb4e32c
c13332db7ef27f7fd3b7632833da00298d50531b267913436ec1a0df564156a5
GET /11sp.js HTTP/1.1
Host: bd51static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 10 Jan 2022 11:18:35 GMT
Vary: Accept-Encoding
ETag: W/"61dc160b-456"
Expires: Fri, 02 Jun 2023 23:01:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMTx1FypJwSybkEVMENd68jGpBZ%2B2FAiiTgpwcvKq9X7GJBraX0IKFuS7IBpuv212uGijUyxSFs%2FhMik1%2BfqYlRz4ZfcKiR54V2E%2FKa1E4xjAf%2Fuc7I1JPtz1VIvw5hORA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d0f32c89898b503-OSL
alt-svc: h2=":443"; ma=60
well-beingforwarriors.org/js/detect-os.js
35.215.170.152 200 OK 129 B URL GET HTTP/1.1 well-beingforwarriors.org/js/detect-os.js
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type ASCII text, with no line terminators
Hash 6d07cbe9a19738c5507d00b5a1adc708
a59539b27bba01d0d3f7785984e6c0cf97f28a61
2edc8c05d0d2afea59237de5580c7aa7e2f2ff07bb0a61f3baa94c5b2b215075
Analyzer Verdict Alert openphish Outlook
GET /js/detect-os.js HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: application/javascript
Content-Length: 129
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-81"
Expires: Fri, 02 Jun 2023 23:01:26 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
well-beingforwarriors.org/js/jquery-3.6.0.min.js
35.215.170.152 200 OK 35 kB URL GET HTTP/1.1 well-beingforwarriors.org/js/jquery-3.6.0.min.js
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type ASCII text, with very long lines (65353)
Hash 52c35f3c6d9a12dd37946de42a64d359
c3ff35c08b7a8df62c971d73573a2ac2ed099676
8ffc26efed96228373a1b47b819f84dfc6e6b14e05289ab7fd41ed85c0bd0864
Analyzer Verdict Alert openphish Outlook
GET /js/jquery-3.6.0.min.js HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ed87b1-15dfb"
Expires: Fri, 02 Jun 2023 23:01:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
well-beingforwarriors.org/js/dom-scripts.js
35.215.170.152 200 OK 1.9 kB URL GET HTTP/1.1 well-beingforwarriors.org/js/dom-scripts.js
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type ASCII text, with very long lines (4774), with no line terminators
Hash 6e748590a49e7591024fdc312643a06f
dbcde23a3308b47fc3258df327e1a59a82ec3d35
818d7a4e212217620653af2fe59cf4da9176c3887f9a10d8495a6b94d2803fde
Analyzer Verdict Alert openphish Outlook
GET /js/dom-scripts.js HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ed87b1-12a6"
Expires: Fri, 02 Jun 2023 23:01:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
well-beingforwarriors.org/css/compiled.css
35.215.170.152 200 OK 19 kB URL GET HTTP/1.1 well-beingforwarriors.org/css/compiled.css
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8489824d66864ccff68b6cf31cb7ed09
a567f5d7c4dd489245e3a0183df72965e1f651e7
67a066015143a9dca79a4a82df4f04447ec9c78b06e09073d5c0740a2eba11dc
Analyzer Verdict Alert openphish Outlook
GET /css/compiled.css HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:26 GMT
Content-Type: text/css
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ed87b1-1a608"
Expires: Fri, 02 Jun 2023 23:01:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
sdk.51.la/js-sdk-pro.min.js
42.236.73.197 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 42.236.73.197:80
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://well-beingforwarriors.org/
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 02 Jun 2023 11:01:02 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 15 May 2023 03:20:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6461a4f2-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ow2.res.office365.com/owalanding/2022.4.26.01/images/fabric-close-x.svg
95.101.10.208 200 OK 248 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/fabric-close-x.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash a2bac60f52f3c17435d2d017deeefd81
d601ddf0eeaa88393458afb666c2e39720fece6e
14a5d675f5801a97199f712daa42d11513391a525b41137ec3bf3cc6f2eb690c
GET /owalanding/2022.4.26.01/images/fabric-close-x.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 5c9085ea-d01e-0020-14ec-768430000000
content-encoding: gzip
content-length: 248
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59882a"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/security-feature-onedrive.svg
95.101.10.208 200 OK 785 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/security-feature-onedrive.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1428)
Hash 3c47d3813ee62e9c45effd5222847b34
5b31fdcdd4227da7fd3a1f1d26454224eabff177
2792bb191580b84f45fc11f86642dd070ced0bce36132c58d268cef0d2db6d93
GET /owalanding/2022.4.26.01/images/security-feature-onedrive.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: ed5067e1-801e-005f-5754-834bab000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 785
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59881c"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/glyph-apple.svg
95.101.10.208 200 OK 393 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/glyph-apple.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (356)
Hash e052240b27afbcc995add521ddedc650
55040ea53797e954ede33b6756c897a140c2046a
352713416d8db164458cde13fb6e09d7eea91fdaaac92a34d886bc62413b2d9f
GET /owalanding/2022.4.26.01/images/glyph-apple.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 582773e6-b01e-0019-4c54-837f2c000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 393
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d598822"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/security-feature-microsoft.svg
95.101.10.208 200 OK 252 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/security-feature-microsoft.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash 4a2a8d5999d744f1ca67f11e882748d7
b83b280d25ba9ff8b63af36c3d741ceecb44ed59
6baeb82bf595389bdd0338dd17ab7ee6d58a41ae1f9025e686260dcf683682d1
GET /owalanding/2022.4.26.01/images/security-feature-microsoft.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 5ead7f26-101e-0000-6a78-93ff97000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 252
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59883a"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/hotmail-ornament.svg
95.101.10.208 200 OK 1.1 kB URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/hotmail-ornament.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2493)
Hash 159339f1c5bc237fdb82fd74847ea9a9
543ade5f642fdbb419cb7defecb15d988c0317ff
bd1473a0d2c71d05c47e714d2d1f757d731694977ba594b90be1cb3b558894d0
GET /owalanding/2022.4.26.01/images/hotmail-ornament.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: bd0ea575-301e-005a-7998-849970000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 1141
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59881f"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/security-feature-attachments.svg
95.101.10.208 200 OK 596 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/security-feature-attachments.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (969)
Hash 85ce6bc0f1b55a29601401a41b6d4c61
5cf416e0bdf9012be7bf549787f6005a5f5a87ac
11fe115867ca6e26d27f22b9c947a735230a46fe1e61ee0e49f6686cf9dffa68
GET /owalanding/2022.4.26.01/images/security-feature-attachments.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 65367706-d01e-000f-1ef2-8589fb000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 596
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59881a"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
well-beingforwarriors.org/prefetch.html
35.215.170.152 200 OK 0 B URL GET HTTP/1.1 well-beingforwarriors.org/prefetch.html
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Outlook
GET /prefetch.html HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:27 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-0"
Accept-Ranges: bytes
ow2.res.office365.com/owalanding/2022.4.26.01/images/security-feature-encryption.svg
95.101.10.208 200 OK 881 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/security-feature-encryption.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1658)
Hash 82afffff3e9c1b343557bcc19a5a91dd
e27fe27fc0978546bcf8e1b0becf731abed7b024
ff7f9d2b0bfbc3f045af507156ac0e83de442a938cd8a9bd54115ef1955623bf
GET /owalanding/2022.4.26.01/images/security-feature-encryption.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:25 GMT
x-ms-request-id: c996411b-701e-004b-1b54-8303c4000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 881
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d598817"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/download-app-badge-android.svg
95.101.10.208 200 OK 2.3 kB URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/download-app-badge-android.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1613)
Hash 6fd7486f3637920c8a1b57329b9270d7
9bc3715628c27fe5f298f1ce19750365d1fa10ce
6c26f3ccb2160069e0da092618398f5d03ff757d576a2eb36cacff6650eeb20a
GET /owalanding/2022.4.26.01/images/download-app-badge-android.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: fcfa2723-801e-004f-3654-838ec3000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 2261
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59883f"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/glyph-googleplay.svg
95.101.10.208 200 OK 359 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/glyph-googleplay.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash b1c377dd0a898ceb7e3da24b542aa9a5
d0826bb9b80f087449ec9e0163be363178337a94
d1b15b9e7fa1f81cf38cc8acb86abe235cc9cbee018459a26ea7fa3651c53500
GET /owalanding/2022.4.26.01/images/glyph-googleplay.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 7033ad4a-001e-0051-18f2-85621b000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 359
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d598828"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/ms-wordmark-white.svg
95.101.10.208 200 OK 1.3 kB URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/ms-wordmark-white.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2857)
Hash 5965a40137c6c8f8c2919edb9cc62830
6fa358916a5c7ff2b0d3572e0f292cedb7741c3d
08c1232d1e378e868a442a4389e3b6669de65ef545817c3bb037bb4921899645
GET /owalanding/2022.4.26.01/images/ms-wordmark-white.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 7151c755-801e-0060-77f8-908308000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 1340
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d598844"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/premium-diamond-03.svg
95.101.10.208 200 OK 529 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/premium-diamond-03.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7ef29af11933aaa105d1ebfd2da4f9f6
d4c1b374c499d850874b160fc8143dab7af8b51f
942ddc15ac06f0a72cbca08196ea15a7a1c4ac24517a60662630f99060166563
GET /owalanding/2022.4.26.01/images/premium-diamond-03.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 873942cc-501e-005c-6ff2-85aacf000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 529
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59881b"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/triangle-up.svg
95.101.10.208 200 OK 214 B URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/triangle-up.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash 0f2d5c1835fd1fbf37382d4c117ef872
c7ed7c2a3cd7e7c675332b0e75378a61de4c4efd
82e67e20258af2aaeec8c5093e2a3a6d10d58538dfb05b8c5acff9cea6e18e3a
GET /owalanding/2022.4.26.01/images/triangle-up.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 38ea8804-f01e-0018-48f8-9020f0000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 214
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59885f"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
42.236.73.197 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 42.236.73.197:80
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://well-beingforwarriors.org/
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 02 Jun 2023 11:01:02 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 15 May 2023 03:20:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6461a4f2-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ow2.res.office365.com/owalanding/2022.4.26.01/fonts/segoeui-semibold.woff
95.101.10.208 200 OK 32 kB URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/fonts/segoeui-semibold.woff
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31712, version 1.0\012- data
Hash f9ec3999394b8cce87da4f77e45a5a6a
abb546981566494ea71c7e294caa59bd60906887
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
GET /owalanding/2022.4.26.01/fonts/segoeui-semibold.woff HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://well-beingforwarriors.org
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 31712
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 23377cf5-a01e-0005-6e57-6f2d4c000000
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d59886f"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/images/download-app-badge-ios.svg
95.101.10.208 200 OK 4.1 kB URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/download-app-badge-ios.svg
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 2928664fe1fc6aca88583a6f606d60ba
2f2fe1cbd0563b3ce3ea79fcdf1549ed244b3993
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
GET /owalanding/2022.4.26.01/images/download-app-badge-ios.svg HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: f4efac7c-801e-005f-48f2-8e4bab000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
content-length: 4084
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d598815"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
ow2.res.office365.com/owalanding/2022.4.26.01/fonts/segoeui-regular.woff
95.101.10.208 200 OK 35 kB URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/fonts/segoeui-regular.woff
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 34924, version 1.0\012- data
Hash 46749bbaebfe8f28b80df5381dd55aa4
ec0c969053ec70db78b2067955330b6d50df6300
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b
GET /owalanding/2022.4.26.01/fonts/segoeui-regular.woff HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://well-beingforwarriors.org
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 34924
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 852c04cf-c01e-0061-11f2-85dcd4000000
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:27 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703687.5d598867"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
well-beingforwarriors.org/png/mobile-scenario-triptych-android-02.png
35.215.170.152 200 OK 87 kB URL GET HTTP/1.1 well-beingforwarriors.org/png/mobile-scenario-triptych-android-02.png
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type PNG image data, 563 x 1186, 8-bit colormap, non-interlaced\012- data
Hash b1f018e01c5ff2ab83c9ba2eb6bd68ff
16fab445de45381c3b07a6d860ea2d906386591f
8c07b86a081e65e922020324f7be8133c7077926373b7c7e2add9cb009fc445f
Analyzer Verdict Alert openphish Outlook
GET /png/mobile-scenario-triptych-android-02.png HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:27 GMT
Content-Type: image/png
Content-Length: 86698
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-152aa"
Expires: Sun, 02 Jul 2023 11:01:27 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
well-beingforwarriors.org/png/mobile-scenario-triptych-android-03.png
35.215.170.152 200 OK 78 kB URL GET HTTP/1.1 well-beingforwarriors.org/png/mobile-scenario-triptych-android-03.png
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type PNG image data, 563 x 1186, 8-bit colormap, non-interlaced\012- data
Hash 1c660888b2b3881fda22f2b7ac4ce179
079ac1080efcd4913c99abaafeb9d917f17478b7
5707747b4121c88eaf38ecaca02bc74495008df9dfce23a00177ffe8db4366a1
Analyzer Verdict Alert openphish Outlook
GET /png/mobile-scenario-triptych-android-03.png HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:27 GMT
Content-Type: image/png
Content-Length: 78422
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-13256"
Expires: Sun, 02 Jul 2023 11:01:27 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
well-beingforwarriors.org/png/mobile-scenario-triptych-android-01.png
35.215.170.152 200 OK 84 kB URL GET HTTP/1.1 well-beingforwarriors.org/png/mobile-scenario-triptych-android-01.png
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type PNG image data, 563 x 1186, 8-bit colormap, non-interlaced\012- data
Hash 544eafb2f6de9b4cd6b21e593c1676db
41bb4ffbb462d8f0b39c915be0b331d3046b78bf
c3bf32ab9960748430a62f0d709a13e410dddee3ac6f10950d94337b49355d6b
Analyzer Verdict Alert openphish Outlook
GET /png/mobile-scenario-triptych-android-01.png HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:27 GMT
Content-Type: image/png
Content-Length: 83924
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-147d4"
Expires: Sun, 02 Jul 2023 11:01:27 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
182.61.201.93 200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:80
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://well-beingforwarriors.org/
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 02 Jun 2023 11:01:27 GMT
Etag: "4078521116"
Expires: Sat, 01 Jun 2024 11:01:27 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=FF61D592086152F87E01155F629F01B7:FG=1; max-age=31536000; expires=Sat, 01-Jun-24 11:01:27 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
well-beingforwarriors.org/png/mobile-scenario-triptych-ios-03.png
35.215.170.152 200 OK 87 kB URL GET HTTP/1.1 well-beingforwarriors.org/png/mobile-scenario-triptych-ios-03.png
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type PNG image data, 548 x 1101, 8-bit colormap, non-interlaced\012- data
Hash 98da3e6a052bc21087bcb0e80e3486ae
a2a6b9da54108f863b11ed4aa98fa1b5487813cc
e439f95877097c81c33c8ad37d9ddec0c17f572f96703738f6fd90583fc1c283
Analyzer Verdict Alert openphish Outlook
GET /png/mobile-scenario-triptych-ios-03.png HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:28 GMT
Content-Type: image/png
Content-Length: 87308
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-1550c"
Expires: Sun, 02 Jul 2023 11:01:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
well-beingforwarriors.org/jpg/productivity-app-drop-shadow.jpg
35.215.170.152 200 OK 6.4 kB URL GET HTTP/1.1 well-beingforwarriors.org/jpg/productivity-app-drop-shadow.jpg
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1005x137, components 3\012- data
Hash 97098bb5d87e434149499293c321711b
5fda65877d144dd38efee4a08f0c1f9da26a29aa
57e0e969ef6f5d47bfdb100fb635665087e4940a76426f245c41fe002ee832c4
Analyzer Verdict Alert openphish Outlook
GET /jpg/productivity-app-drop-shadow.jpg HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/css/compiled.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:28 GMT
Content-Type: image/jpeg
Content-Length: 6385
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-18f1"
Expires: Sun, 02 Jul 2023 11:01:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
well-beingforwarriors.org/png/mobile-scenario-triptych-ios-02.png
35.215.170.152 200 OK 203 kB URL GET HTTP/1.1 well-beingforwarriors.org/png/mobile-scenario-triptych-ios-02.png
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type PNG image data, 548 x 1101, 8-bit colormap, non-interlaced\012- data
Size 203 kB (202867 bytes)
Hash 50a28657368867a7ec306bd98ad9bbc0
586cf8c01c0f65269591ec9dcb9fd134333c54e9
13e8e3a74cce3422361296647326cdbc26ec35edfba0978df2373cb5084281bc
Analyzer Verdict Alert openphish Outlook
GET /png/mobile-scenario-triptych-ios-02.png HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:27 GMT
Content-Type: image/png
Content-Length: 202867
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-31873"
Expires: Sun, 02 Jul 2023 11:01:27 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
well-beingforwarriors.org/jpg/outlook-icon.jpg
35.215.170.152 200 OK 27 kB URL GET HTTP/1.1 well-beingforwarriors.org/jpg/outlook-icon.jpg
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 900x842, components 3\012- data
Hash dbf46fd4be76955fb17e8a4cbb553cd0
bfd9b745a88527476ece62ef55b55c7d34267b53
7a79e3f78535dd405e5cb39fd4647c34568f011c1034914090f684206fc15946
Analyzer Verdict Alert openphish Outlook
GET /jpg/outlook-icon.jpg HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/css/compiled.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:28 GMT
Content-Type: image/jpeg
Content-Length: 27195
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-6a3b"
Expires: Sun, 02 Jul 2023 11:01:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
well-beingforwarriors.org/jpg/masthead-alt-06-wide-large.jpg
35.215.170.152 200 OK 163 kB URL GET HTTP/1.1 well-beingforwarriors.org/jpg/masthead-alt-06-wide-large.jpg
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Rob Kalmbach], baseline, precision 8, 3000x1929, components 3\012- data
Size 163 kB (162930 bytes)
Hash 0680ba4dfe79c92490fe31fee7a2901e
b412ef3925223d2f548b2ed43197be1726dec229
0ae515749fc0277624d6a274f0db0670ba98849a473a1eef30794165544333c2
Analyzer Verdict Alert openphish Outlook
GET /jpg/masthead-alt-06-wide-large.jpg HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/css/compiled.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:27 GMT
Content-Type: image/jpeg
Content-Length: 162930
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-27c72"
Expires: Sun, 02 Jul 2023 11:01:27 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
well-beingforwarriors.org/png/mobile-scenario-triptych-ios-01.png
35.215.170.152 200 OK 273 kB URL GET HTTP/1.1 well-beingforwarriors.org/png/mobile-scenario-triptych-ios-01.png
IP 35.215.170.152:80
Requested by http://well-beingforwarriors.org/
File type PNG image data, 548 x 1101, 8-bit colormap, non-interlaced\012- data
Size 273 kB (272801 bytes)
Hash dd820cffa54ddfbb87b87a90620ee6b3
446d9f5f19f34c537fba607f2d72793d9e8a6563
0a578abe8f72ec3b12545c88589b6f5977cec529d8a3b019268368e71cf1cc4e
Analyzer Verdict Alert openphish Outlook
GET /png/mobile-scenario-triptych-ios-01.png HTTP/1.1
Host: well-beingforwarriors.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Jun 2023 11:01:27 GMT
Content-Type: image/png
Content-Length: 272801
Last-Modified: Thu, 16 Feb 2023 01:32:33 GMT
Connection: keep-alive
ETag: "63ed87b1-429a1"
Expires: Sun, 02 Jul 2023 11:01:27 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ow2.res.office365.com/owalanding/2022.4.26.01/images/favicon.ico?v=4
95.101.10.208 200 OK 7.9 kB URL GET HTTP/2 ow2.res.office365.com/owalanding/2022.4.26.01/images/favicon.ico?v=4
IP 95.101.10.208:443
ASN #20940 Akamai International B.V.
Requested by http://well-beingforwarriors.org/
Certificate Issuer DigiCert Inc
Subject *.res.outlook.com
Fingerprint 54:11:4B:DB:98:01:CA:17:06:66:6C:42:F4:E9:9A:41:CB:F1:8A:DE
Validity Mon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash ac16fa7fc862073b02acd1187fc6def4
f2b9a6255f6293000f30eee272abdd372a14e9d3
e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45
GET /owalanding/2022.4.26.01/images/favicon.ico?v=4 HTTP/1.1
Host: ow2.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 7886
content-type: image/x-icon
last-modified: Wed, 27 Apr 2022 01:58:26 GMT
x-ms-request-id: 4a0e1082-701e-0006-0290-bbcc28000000
cache-control: max-age=630720000
date: Fri, 02 Jun 2023 11:01:28 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.cc0a655f.1685703688.5d599578"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
120.79.158.69 200 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 120.79.158.69:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://well-beingforwarriors.org/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 408
Origin: http://well-beingforwarriors.org
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Fri, 02 Jun 2023 11:01:28 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://well-beingforwarriors.org
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
120.79.158.69 200 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 120.79.158.69:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://well-beingforwarriors.org/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 410
Origin: http://well-beingforwarriors.org
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Fri, 02 Jun 2023 11:01:28 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://well-beingforwarriors.org
Access-Control-Allow-Credentials: true
xycai168.com/webapp/js/lib/Sortable.min.js
35.215.134.73 200 OK 0 B URL GET HTTP/2 xycai168.com/webapp/js/lib/Sortable.min.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webapp/js/lib/Sortable.min.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: application/javascript
content-length: 0
last-modified: Fri, 26 May 2023 10:38:02 GMT
etag: "64708c0a-0"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xycai168.com/webapp/js/lib/jquery.async.js
35.215.134.73 200 OK 902 B URL GET HTTP/2 xycai168.com/webapp/js/lib/jquery.async.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type ASCII text, with very long lines (902), with no line terminators
Hash 2e3cd10cd7579756c32b479d018996ce
f802c0231c81b061352b3c7bb4c64c143ce353f2
9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f
GET /webapp/js/lib/jquery.async.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: application/javascript
content-length: 902
last-modified: Fri, 26 May 2023 10:38:02 GMT
etag: "64708c0a-386"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://well-beingforwarriors.org/
180.101.212.103 200 OK 0 B URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://well-beingforwarriors.org/
IP 180.101.212.103:80
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Requested by http://well-beingforwarriors.org/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://well-beingforwarriors.org/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jun 2023 11:01:29 GMT
xycai168.com/webapp/js/local/pk10/head_jisusaiche.js
35.215.134.73 200 OK 303 B URL GET HTTP/2 xycai168.com/webapp/js/local/pk10/head_jisusaiche.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type ASCII text, with very long lines (303), with no line terminators
Hash 7d17eeb07e12644cc27e6d8f63353d70
1074682081821f439af386aa7fba49778623e7fb
9fa1916fb1f0ec143e93280bf4daea5e31aeaab49714b4a973b70c6e9edc50fc
GET /webapp/js/local/pk10/head_jisusaiche.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: application/javascript
content-length: 303
last-modified: Fri, 26 May 2023 10:38:02 GMT
etag: "64708c0a-12f"
expires: Fri, 02 Jun 2023 23:01:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xycai168.com/webapp/img/haomaimg.png
35.215.134.73 200 OK 182 kB URL GET HTTP/2 xycai168.com/webapp/img/haomaimg.png
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type PNG image data, 1204 x 600, 8-bit/color RGBA, non-interlaced; data
Size 182 kB (182417 bytes)
Hash e2e251464ed0269900791e37a8557086
f26741ef593f9fa19c145d34a1d90b70ee90fe26
2cd69edba71483d88d9663a598f00d975a52b3a8a8422e7c9d50fd1ac3f0464b
GET /webapp/img/haomaimg.png HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/css/public.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: image/png
content-length: 182417
last-modified: Tue, 08 Nov 2022 14:55:36 GMT
etag: "636a6de8-2c891"
expires: Sun, 02 Jul 2023 11:01:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xycai168.com/webapp/css/pk10.css
35.215.134.73 200 OK 6.7 kB URL GET HTTP/2 xycai168.com/webapp/css/pk10.css
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type gzip compressed data, from Unix; data
Hash f2f0ded4c88eadb19c8b01e9e0d82cb8
5b4d47ecd8838f91ec6de5c3af0caa2dbc036b1f
b7ff1f21b06ebf6800895e6009dbc2231c058902ddbceb4beb872f84d13a06f0
GET /webapp/css/pk10.css HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 14:55:34 GMT
vary: Accept-Encoding
etag: W/"636a6de6-53fc"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/js/lib/zepto.js
35.215.134.73 200 OK 39 kB URL GET HTTP/2 xycai168.com/webapp/js/lib/zepto.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type gzip compressed data, from Unix; data
Hash e7a956519aad73707a7090e7aaa479ea
e02e5c9af79f5de7d4eb6719ff8ea45431050ec6
36c905993b75a5def6b06bce780538ca6c541e882ad5e9dd037c51eb5dd05f92
GET /webapp/js/lib/zepto.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-66a1"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/css/pk10_Gary.css
35.215.134.73 200 OK 3.9 kB URL GET HTTP/2 xycai168.com/webapp/css/pk10_Gary.css
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type gzip compressed data, from Unix; data
Hash b72ce66a23081294749e9ef1fb2eac0c
f74137339458c764631ad1488ca5feef01800433
63be2767499198139f73c7651e6728288df60fb7ce7fa3696d09e3f57a80deaa
GET /webapp/css/pk10_Gary.css HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 14:55:34 GMT
vary: Accept-Encoding
etag: W/"636a6de6-4353"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/css/listHtml.css
35.215.134.73 200 OK 22 kB URL GET HTTP/2 xycai168.com/webapp/css/listHtml.css
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type gzip compressed data, from Unix; data
Hash 8fb890a3203b0ed0f79e4a4417b029c2
d05ed0aabf2d8b2fae286781e4e3f0dfca9fb55a
4d88ec7fe034ecfa3c7338f42969d20e9da51d0e79e881e7973627f0efd15fc4
GET /webapp/css/listHtml.css HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 14:55:34 GMT
vary: Accept-Encoding
etag: W/"636a6de6-8624"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/css/public.css
35.215.134.73 200 OK 23 kB URL GET HTTP/2 xycai168.com/webapp/css/public.css
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
Hash 7c54605cb3f71748fb879ee8e6b705ee
f8c8be00cc570ee35564f543357034e6addd2500
5256fc07502ba8b4af3949b231c9bece358850eb090c6c547e187ef423527f78
GET /webapp/css/public.css HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 09:59:08 GMT
vary: Accept-Encoding
etag: W/"63a2d8ec-59ac"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/js/lib/date.js
35.215.134.73 200 OK 7.9 kB URL GET HTTP/2 xycai168.com/webapp/js/lib/date.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type Unicode text, UTF-8 text, with very long lines (8365), with no line terminators
Hash 758fe44215ddc77c63945dd90fb28085
78f4fc6cd6d4cb8991433b036603ba8fcb024fdd
e7935b6279fcfc8627ffaa1de29f1ea0d52a5f0e02bf805466100db5d05dfc19
GET /webapp/js/lib/date.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-1edd"
expires: Fri, 02 Jun 2023 23:01:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/img/cltj_img/icon-168index.png
35.215.134.73 200 OK 29 kB URL GET HTTP/2 xycai168.com/webapp/img/cltj_img/icon-168index.png
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type PNG image data, 1000 x 213, 8-bit/color RGBA, non-interlaced; data
Hash 9cadfe91f4676d8abaefd706fd002c70
3c1f5c663282388d8fa739baf8dd77edcb5a82d0
cba1227e78513169698e2b0cf72cd24505429292ecdcb849a8f8f33b9ae5e1d9
GET /webapp/img/cltj_img/icon-168index.png HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/css/pk10_Gary.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: image/png
content-length: 28721
last-modified: Tue, 08 Nov 2022 14:55:36 GMT
etag: "636a6de8-7031"
expires: Sun, 02 Jul 2023 11:01:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xycai168.com/webapp/html/public/head.html
35.215.134.73 200 OK 1.3 kB URL GET HTTP/2 xycai168.com/webapp/html/public/head.html
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1483), with no line terminators
Hash 7c76a98f6b882b013109464ad87fdc36
5c4089c2e838d59ffa1c0f949ca0b736a290e068
8a5769163a9927f9a49015e94d23d381f10a876fab5f896299b34490a9afa8f8
GET /webapp/html/public/head.html HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: text/html
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-532"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
api.api68.com/pks/getPksHistoryList.do?date=&lotCode=10037
172.64.166.37 200 OK 211 kB URL GET HTTP/2 api.api68.com/pks/getPksHistoryList.do?date=&lotCode=10037
IP 172.64.166.37:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Google Trust Services LLC
Subject api68.com
Fingerprint 35:61:7A:1B:68:65:D0:02:3C:D2:D2:CA:02:53:3D:43:5B:3A:71:98
Validity Tue, 16 May 2023 04:47:20 GMT - Mon, 14 Aug 2023 04:47:19 GMT
Size 211 kB (210660 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pks/getPksHistoryList.do?date=&lotCode=10037 HTTP/1.1
Host: api.api68.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xycai168.com
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 11:01:30 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://xycai168.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QETYEQMeFazkIBPxdwIF9kfQNuWHuaTQezjPktftGAlbN8OdKqg%2BUuncpAwFQppYk25PSeNoXynHyFIuivqnQznYGrIbh5WC1lnKbhaSwFsBku0mms8VQkqfV%2FwMGIH%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f32dd6dcf779b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.api68.com/pks/getPksDoubleCount.do?date=&lotCode=10037
172.64.166.37 200 OK 1.5 kB URL GET HTTP/2 api.api68.com/pks/getPksDoubleCount.do?date=&lotCode=10037
IP 172.64.166.37:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Google Trust Services LLC
Subject api68.com
Fingerprint 35:61:7A:1B:68:65:D0:02:3C:D2:D2:CA:02:53:3D:43:5B:3A:71:98
Validity Tue, 16 May 2023 04:47:20 GMT - Mon, 14 Aug 2023 04:47:19 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1672), with no line terminators
Hash f7ec80ba2489628c7d3c6ad5390936a8
e60d40252f7f1b0778271ea688812034a7b2d245
c15f0a20624bf6570ca9efee3a025821aecd2c2ab4ce2e07b857a1226bff08d7
GET /pks/getPksDoubleCount.do?date=&lotCode=10037 HTTP/1.1
Host: api.api68.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xycai168.com
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 11:01:31 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://xycai168.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXsipbNyj%2BjmGGQpx7Bl226IcM%2BT9C1PZlX%2B2uoXvMq40uRJhFLSGKheA6fAqswfXRiBB3QDErrp%2BYGTeoz%2Bx2NyRfRV2%2FuGbYj5hCrP2%2BYSjD88QcvtVZrD9%2BbR5pAb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f32e39df1779b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xycai168.com/webapp/html/public/footer.html
35.215.134.73 200 OK 192 B URL GET HTTP/2 xycai168.com/webapp/html/public/footer.html
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type exported SGML document, Unicode text, UTF-8 text, with no line terminators
Hash a33a84c84e0a4a8d754f4ced0e19eff4
990e11e0d2423b5ef57d0e3fcb5af61f64cdc728
39092bb63d7fe087a86712820d56d08131bd706be1ac99eb74620aeb1e668ac4
GET /webapp/html/public/footer.html HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: text/html
content-length: 192
last-modified: Fri, 26 May 2023 10:38:02 GMT
etag: "64708c0a-c0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xycai168.com/webapp/js/lib/jquery-1.9.1.js
35.215.134.73 200 OK 93 kB URL GET HTTP/2 xycai168.com/webapp/js/lib/jquery-1.9.1.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webapp/js/lib/jquery-1.9.1.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-16b57"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
api.api68.com/pks/getLotteryPksInfo.do?issue=&lotCode=10037
172.64.166.37 200 OK 750 B URL GET HTTP/2 api.api68.com/pks/getLotteryPksInfo.do?issue=&lotCode=10037
IP 172.64.166.37:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Google Trust Services LLC
Subject api68.com
Fingerprint 35:61:7A:1B:68:65:D0:02:3C:D2:D2:CA:02:53:3D:43:5B:3A:71:98
Validity Tue, 16 May 2023 04:47:20 GMT - Mon, 14 Aug 2023 04:47:19 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (834), with no line terminators
Hash fc3b1595839c75f8d230896e4e763420
138f140ffd9fe925d331dd8a3de54865d7fa2450
b11f37f3e6221aad684933a32b93fea5ac31e131233cf2761fc1e8cfe9b9f4b8
GET /pks/getLotteryPksInfo.do?issue=&lotCode=10037 HTTP/1.1
Host: api.api68.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xycai168.com
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 11:01:30 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://xycai168.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEgLz1JdnX4NYh56m3WfV21M%2FLwy8Jc9AZeYLIbQJsq%2BTOEtKvef2zBaf0EYmh6RZBPJ9uIIxcFDfwpALFO0lv2awF6oPIiHYB9KPgoyzG8X8LHlQOSXpU%2BMtzqIFo4i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f32dd2d74779b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xycai168.com/webapp/js/lib/iscroll.js
35.215.134.73 200 OK 20 kB URL GET HTTP/2 xycai168.com/webapp/js/lib/iscroll.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type ASCII text, with very long lines (19891), with no line terminators
Hash 3249e269b6bf59a9596ff4dd4908bd74
16f804a74f66585bf01bb2217997a2a4ff0c4a23
3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c
GET /webapp/js/lib/iscroll.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-4db3"
expires: Fri, 02 Jun 2023 23:01:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/js/local/pk10/index.js
35.215.134.73 200 OK 89 kB URL GET HTTP/2 xycai168.com/webapp/js/local/pk10/index.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webapp/js/local/pk10/index.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-15b83"
expires: Fri, 02 Jun 2023 23:01:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/js/lib/config.js
35.215.134.73 200 OK 9.2 kB URL GET HTTP/2 xycai168.com/webapp/js/lib/config.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type HTML document text; C source, Unicode text, UTF-8 text, with very long lines (10058), with no line terminators
Hash aa54c8071ab42a79c6f1baec6c0ac4ed
4c482d45e67e828d879181361dfa577c783737ca
1b072d54f15840c0d4b6ebfb6b972c97ded00e5d55c9ce2ab3331e927bd551fd
GET /webapp/js/lib/config.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-23e2"
expires: Fri, 02 Jun 2023 23:01:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/js/local/tools/tools.js
35.215.134.73 200 OK 102 kB URL GET HTTP/2 xycai168.com/webapp/js/local/tools/tools.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
Size 102 kB (102376 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webapp/js/local/tools/tools.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-18fe8"
expires: Fri, 02 Jun 2023 23:01:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
api.api68.com/pks/getPksLongDragonCount.do?date=&lotCode=10037
172.64.166.37 200 OK 352 B URL GET HTTP/3 api.api68.com/pks/getPksLongDragonCount.do?date=&lotCode=10037
IP 172.64.166.37:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Google Trust Services LLC
Subject api68.com
Fingerprint 35:61:7A:1B:68:65:D0:02:3C:D2:D2:CA:02:53:3D:43:5B:3A:71:98
Validity Tue, 16 May 2023 04:47:20 GMT - Mon, 14 Aug 2023 04:47:19 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (400), with no line terminators
Hash d9accdbafad6efe8597ff4e18b583402
9faaa9c9faaa8ab65d861228632629dd6b04ba25
081c003f71950a27b20d5b40c2999a68726670c8f4d8e16383b36c98cc16c12a
GET /pks/getPksLongDragonCount.do?date=&lotCode=10037 HTTP/1.1
Host: api.api68.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xycai168.com
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 11:01:32 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://xycai168.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlBaCj3q5cib%2BwSH9oksPP6WvTct7k9ifRe1W%2BPJsAK6htIKqBMD0x3Przb6vV5BxZiQ7rZi7f%2FSBm6v6Dj7Ejm%2FzXXRGIUqI%2BuH6qyKNIW2ZA8d%2FtcU1erRKrQAxB4o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f32e92f2574fd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
xycai168.com/webapp/img/cltj_img/px10obj.png
35.215.134.73 200 OK 2.9 kB URL GET HTTP/2 xycai168.com/webapp/img/cltj_img/px10obj.png
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type PNG image data, 111 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 5025c85c1772aadbb3e53f953913d3bc
fb7fb9939693929455b21cabd3f99b7b4761d39a
124aeafaabb57da5126971cd6c763b317cde9003ff1690e447a494952f156139
GET /webapp/img/cltj_img/px10obj.png HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/css/pk10.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: image/png
content-length: 2874
last-modified: Tue, 08 Nov 2022 14:55:36 GMT
etag: "636a6de8-b3a"
expires: Sun, 02 Jul 2023 11:01:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
api.api68.com/parameters/getNoAdvertisingDomain.do
172.64.166.37 200 OK 1.0 kB URL GET HTTP/2 api.api68.com/parameters/getNoAdvertisingDomain.do
IP 172.64.166.37:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Google Trust Services LLC
Subject api68.com
Fingerprint 35:61:7A:1B:68:65:D0:02:3C:D2:D2:CA:02:53:3D:43:5B:3A:71:98
Validity Tue, 16 May 2023 04:47:20 GMT - Mon, 14 Aug 2023 04:47:19 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1137), with no line terminators
Hash 0c6b78400ba6d862125888d42c17244e
c3a09e5a1b37343b40c58f6439c4413e796bff95
fe85ecdeb3836a143ab220c243b6af6f97e4ca7547614cf555ceec2b092c4e56
GET /parameters/getNoAdvertisingDomain.do HTTP/1.1
Host: api.api68.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xycai168.com
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 11:01:30 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://xycai168.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KSjdonEgI5nvv8oRIAjHpPdGwYZtqvb4vd2mMDlQxpXZj7GeYN%2F6MO3JV%2BXj3aKyxYAvlWuIXZuwQh93qXSd8Aq7YBrJ5aOPL0RBFk4FVey63O8KfWrkU3VjfXzkrDK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f32dd0d43779b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xycai168.com/webapp/img/bg_icon.png
35.215.134.73 200 OK 15 kB URL GET HTTP/2 xycai168.com/webapp/img/bg_icon.png
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type PNG image data, 948 x 404, 8-bit colormap, non-interlaced\012- data
Hash 821582b0c313e76c4f0d979664edf668
dda5e9d9e4cee99daf3af76f83ffab6b712e7697
a5c7914a21f1db358506caaf95ff6d1838769e4c303e6cfa5ebbacdb0b97643b
GET /webapp/img/bg_icon.png HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/css/public.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:30 GMT
content-type: image/png
content-length: 15402
last-modified: Tue, 08 Nov 2022 14:55:36 GMT
etag: "636a6de8-3c2a"
expires: Sun, 02 Jul 2023 11:01:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xycai168.com/webapp/js/lib/drawLines.js
35.215.134.73 200 OK 25 kB URL GET HTTP/2 xycai168.com/webapp/js/lib/drawLines.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type ASCII text, with very long lines (24891), with no line terminators
Hash 7db0502baf867aa0663475b899ffb19e
a69f4ef6ab52c62d9885dc55b733c8c37687383e
8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb
GET /webapp/js/lib/drawLines.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-613b"
expires: Fri, 02 Jun 2023 23:01:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/css/common.css
35.215.134.73 200 OK 4.0 kB URL GET HTTP/2 xycai168.com/webapp/css/common.css
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type ASCII text, with very long lines (4420), with no line terminators
Hash 0605f9bdbab19a236d3dc70d20f53c0e
15b2f3950cb213239caa8c4f908e3411e9fa926e
3b96a62ebf3b7e6017dbd136b408786dde6c22667093a0fbb55d637ee082de56
GET /webapp/css/common.css HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: text/css
last-modified: Tue, 20 Dec 2022 14:00:48 GMT
vary: Accept-Encoding
etag: W/"63a1c010-f71"
expires: Fri, 02 Jun 2023 23:01:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/js/lib/pk10BaseTrend.js
35.215.134.73 200 OK 6.7 kB URL GET HTTP/2 xycai168.com/webapp/js/lib/pk10BaseTrend.js
IP 35.215.134.73:443
Requested by https://xycai168.com/webapp/html/jisusaiche/index.html
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
File type ASCII text, with very long lines (6987), with no line terminators
Hash 6644b827e8687b73babbe50fb85d64f4
9b3732a81cc511bacd3940dedd2f78efc4f1fb15
5ce42749f0c7c814678e639d66856df43447576763d34791be68d300946f4489
GET /webapp/js/lib/pk10BaseTrend.js HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xycai168.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:29 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-1a2d"
expires: Fri, 02 Jun 2023 23:01:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xycai168.com/webapp/html/jisusaiche/index.html
35.215.134.73 200 OK 43 kB URL GET HTTP/2 xycai168.com/webapp/html/jisusaiche/index.html
IP 35.215.134.73:443
Requested by http://well-beingforwarriors.org/
Certificate Issuer Let's Encrypt
Subject www.xycai168.com
Fingerprint 9B:D8:87:FF:FE:6E:59:53:27:C7:8B:AA:6E:A3:2D:54:75:95:FE:90
Validity Thu, 25 May 2023 01:32:28 GMT - Wed, 23 Aug 2023 01:32:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webapp/html/jisusaiche/index.html HTTP/1.1
Host: xycai168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://well-beingforwarriors.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 02 Jun 2023 11:01:28 GMT
content-type: text/html
last-modified: Fri, 26 May 2023 10:38:02 GMT
vary: Accept-Encoding
etag: W/"64708c0a-a977"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2