| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8d2e6150f7d0845dc26f5bd5cd6f28dd 6aad5091620585a5f76065c1888456ee70b88257 ed538ea400323f4c987f91c0b0afc79a8526b62f7aa317dd62bd107cb37850a2
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "ED538EA400323F4C987F91C0B0AFC79A8526B62F7AA317DD62BD107CB37850A2"
Last-Modified: Tue, 03 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4909
Expires: Thu, 05 Sep 2024 05:47:38 GMT
Date: Thu, 05 Sep 2024 04:25:49 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash66fbf7f95cb55f388373a20d4b1a736e afc34259758a563362367848629ff7639982e1fb 41c00088afc20571f6a0c6998324d9517346256ac33696dc706192ec606fe7a7
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "41C00088AFC20571F6A0C6998324D9517346256AC33696DC706192EC606FE7A7"
Last-Modified: Mon, 02 Sep 2024 12:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3654
Expires: Thu, 05 Sep 2024 05:26:43 GMT
Date: Thu, 05 Sep 2024 04:25:49 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash1f0091b166a0138433eabf08a4530e4a 769d1eeaefb4987198c821ea98e06ea8ba0de215 2eff28e3e6829bf2cfcbc417fd76313d5b5e8ba8a3f0f0de6a5b5cdc2888e7e5
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2EFF28E3E6829BF2CFCBC417FD76313D5B5E8BA8A3F0F0DE6A5B5CDC2888E7E5"
Last-Modified: Mon, 02 Sep 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11662
Expires: Thu, 05 Sep 2024 07:40:12 GMT
Date: Thu, 05 Sep 2024 04:25:50 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashcabaaa7c3e6a621cc5836be05eee4924 c4bc6288aed0597ff7ae2dbc5aea340b6c9636b8 2b2a41201a3881bd029ab7161be291b23128d5952e5959092607b98c951fa18c
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2B2A41201A3881BD029AB7161BE291B23128D5952E5959092607B98C951FA18C"
Last-Modified: Mon, 02 Sep 2024 14:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13539
Expires: Thu, 05 Sep 2024 08:11:29 GMT
Date: Thu, 05 Sep 2024 04:25:50 GMT
Connection: keep-alive
|
|
| ncao.nc69jfp88.xyz:23569/ | 23.224.173.228 | 302 Moved Temporarily | 138 B |
URL User Request GET HTTP/1.1ncao.nc69jfp88.xyz:23569/ IP23.224.173.228:23569
File typeHTML document, ASCII text, with CRLF line terminators Hashaff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET / HTTP/1.1
Host: ncao.nc69jfp88.xyz:23569
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 05 Sep 2024 04:25:50 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://ncao.nc69jfp88.xyz/
Strict-Transport-Security: max-age=31536000; includeSubdomains;
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash06fb45d8638e8a153bca14c5664fce9c 39373873b2a16d8e19dd1254581d8c8b759c1132 243adb73dd4941e61529b495dd326920ead03d838ad04fec876231398ec655da
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=G-03GV6MC2YL | 142.250.74.168 | 200 OK | 105 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-03GV6MC2YL IP142.250.74.168:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerGoogle Trust Services Subject*.google-analytics.com Fingerprint6F:61:E4:8D:EC:1C:CD:28:E6:08:5A:59:AA:A1:D3:6D:7E:95:B9:28 ValidityMon, 05 Aug 2024 06:37:21 GMT - Mon, 28 Oct 2024 06:37:20 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Size105 kB (104778 bytes) Hasha3c6c53c9643f011d54321e884197180 dcb0d5aac10ebcc3747954a8f08a9e70c994dea2 80a3287e0afd18f4f15c03ba3edb3c8831996eb2a480b2e2b233307ae4b43ee3
GET /gtag/js?id=G-03GV6MC2YL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 05 Sep 2024 04:25:51 GMT
expires: Thu, 05 Sep 2024 04:25:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ncao.nc69jfp88.xyz/css/indexstyle.css | 23.226.181.52 | 200 OK | 3.2 kB |
URL GET HTTP/2ncao.nc69jfp88.xyz/css/indexstyle.css IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash6301c87ffa8831d8d8f68b8c6abbaf12 a514d3d9b34efc1efee52b90d7c101d81c1b5690 fcd4fd0d6a9f7a7d0e547c69bb5dcf9ee5197ae19c366bb96625449405169a77
GET /css/indexstyle.css HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: text/css
content-length: 3228
last-modified: Fri, 15 Mar 2024 08:09:15 GMT
etag: "65f4022b-c9c"
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ncao.nc69jfp88.xyz/js/tj_mtm.js | 23.226.181.52 | 200 OK | 397 B |
URL GET HTTP/2ncao.nc69jfp88.xyz/js/tj_mtm.js IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash6db082a65729838fd8d8148e99a22eee 03b52ccacf03dd26511f43a14104f3a281d8afc7 3c61573b21556b036a5c0a800442bb3039c59ef95e389e72646a12c2df37188a
GET /js/tj_mtm.js HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: application/javascript
content-length: 397
last-modified: Fri, 15 Mar 2024 08:03:32 GMT
etag: "65f400d4-18d"
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ncao.nc69jfp88.xyz/favicon.ico | 23.226.181.52 | 200 OK | 4.3 kB |
URL GET HTTP/2ncao.nc69jfp88.xyz/favicon.ico IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel Hash836c16a8d900ff2ae3dde9115def3365 f6095ebf996a030209aec55be1e873f4115fec41 781deca3891eda0133198175a7c91bc760dc329dfa642c535381d6e0166746b8
GET /favicon.ico HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Fri, 15 Mar 2024 08:09:22 GMT
etag: "65f40232-10be"
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash06fb45d8638e8a153bca14c5664fce9c 39373873b2a16d8e19dd1254581d8c8b759c1132 243adb73dd4941e61529b495dd326920ead03d838ad04fec876231398ec655da
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ncao.nc69jfp88.xyz/images/af7fda23-61c5-4fc3-86f6-5ca8c6cf6ea2_80.jpg | 23.226.181.52 | 200 OK | 128 kB |
URL GET HTTP/2ncao.nc69jfp88.xyz/images/af7fda23-61c5-4fc3-86f6-5ca8c6cf6ea2_80.jpg IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2022:03:22 21:20:09], baseline, precision 8, 783x454, components 3 Size128 kB (128512 bytes) Hash8f2f1893e38fbdae8f3dc34fb6677c7d 517d702080189069faa5be28879f4aa4fb416cd3 c0fb20852374c2c604d9c950e4192f36fe2639d128f9193a9d373bed2f67f62f
GET /images/af7fda23-61c5-4fc3-86f6-5ca8c6cf6ea2_80.jpg HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: image/jpeg
content-length: 128512
last-modified: Fri, 15 Mar 2024 08:09:21 GMT
etag: "65f40231-1f600"
expires: Fri, 06 Sep 2024 04:25:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc96a4972e341191f93e963880196f8e1 8318aa6dcbdababe8728023ec9ef3aaac10917a9 dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A"
Last-Modified: Mon, 02 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7481
Expires: Thu, 05 Sep 2024 06:30:33 GMT
Date: Thu, 05 Sep 2024 04:25:52 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc96a4972e341191f93e963880196f8e1 8318aa6dcbdababe8728023ec9ef3aaac10917a9 dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A"
Last-Modified: Mon, 02 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7481
Expires: Thu, 05 Sep 2024 06:30:33 GMT
Date: Thu, 05 Sep 2024 04:25:52 GMT
Connection: keep-alive
|
|
| ncao.nc69jfp88.xyz/js/popup.js | 23.226.181.52 | 200 OK | 13 kB |
URL GET HTTP/2ncao.nc69jfp88.xyz/js/popup.js IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typegzip compressed data, from Unix Hashaae5c9fa89a115a7641731092acd8023 02969d43bc812783b1bd9fdac483382a384417d3 f1aeceac49906ba54486e9364e2eb6f03d84b74b29a44a4774cbcdfa14effda8
GET /js/popup.js HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 08:03:32 GMT
vary: Accept-Encoding
etag: W/"65f400d4-1815"
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.bootcdn.net/ajax/libs/qrcodejs/1.0.0/qrcode.min.js | 154.85.69.3 | 200 OK | 25 kB |
URL GET HTTP/2cdn.bootcdn.net/ajax/libs/qrcodejs/1.0.0/qrcode.min.js IP154.85.69.3:443 ASN#139057 LEGEND DYNASTY PTE. LTD.
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerSectigo Limited Subject*.bootcss.com FingerprintB5:66:89:E1:2E:94:11:B0:1A:CA:F8:23:1A:E1:62:94:A5:02:2E:65 ValidityWed, 03 Jan 2024 00:00:00 GMT - Sun, 02 Feb 2025 23:59:59 GMT
Hashaf138fb60c88a8af175256f7c3cd168b 245cf8f7948476b6113b5618c240921996902728 bc7669a9cb264265390170367a8deec052b83b869e47955fef91ec36fcb8bfa6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/qrcodejs/1.0.0/qrcode.min.js HTTP/1.1
Host: cdn.bootcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: text/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser: BC11_lt-jiangsu-lianyungang-22-cache-1, BC6_US-Georgia-atlanta-1-cache-2, BC5_DE-Frankfurt-Frankfurt-11-cache-1
X-Firefox-Spdy: h2
|
|
| ncao.nc69jfp88.xyz/js/qrcode.min.js | 23.226.181.52 | 200 OK | 17 kB |
URL GET HTTP/2ncao.nc69jfp88.xyz/js/qrcode.min.js IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typegzip compressed data, from Unix Hashd9ef5b4e58e0edbd7a77aca39db52296 0200707d44846030125119c9fb3e6c6b5f827ac5 737df2337476779a261b776981951792e1daa9d22f445fa0fe411b11d1473673
GET /js/qrcode.min.js HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 08:03:32 GMT
vary: Accept-Encoding
etag: W/"65f400d4-4dd7"
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| status.rapidssl.com/ | 192.229.221.95 | | 471 B |
IP192.229.221.95:0
Hashf2e313634785299c4addcead674f9f55 88fbec5b7ec5919b7ecd9127d91e46f6f8fadd91 c9772998c7a3494d9ea4ffd6900c341679592cd4097fea2f0d60b25819cb3c5f
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 111
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Thu, 05 Sep 2024 04:25:53 GMT
Last-Modified: Thu, 05 Sep 2024 04:24:02 GMT
Server: ECAcc (amb/6B53)
X-Cache: HIT
Content-Length: 471
|
|
| tongjisum.com/matomo.php?action_name=nc18%E5%AB%A9%E8%8D%89%E5%85%A5%E5%8F%A3%E9%A1%B5&idsite=3&rec=1&r=574579&h=4&m=25&s=53&url=https%3A%2F%2Fncao.nc69jfp88.xyz%2F&_id=c314edec81c59738&_idn=1&send_image=0&_refts=0&pv_id=0mKssO&pf_net=482&pf_srv=155&pf_tfr=0&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 | 107.148.148.70 | 204 No Content | 0 B |
URL POST HTTP/2tongjisum.com/matomo.php?action_name=nc18%E5%AB%A9%E8%8D%89%E5%85%A5%E5%8F%A3%E9%A1%B5&idsite=3&rec=1&r=574579&h=4&m=25&s=53&url=https%3A%2F%2Fncao.nc69jfp88.xyz%2F&_id=c314edec81c59738&_idn=1&send_image=0&_refts=0&pv_id=0mKssO&pf_net=482&pf_srv=155&pf_tfr=0&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 IP107.148.148.70:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjecttongjisum.com Fingerprint22:22:37:90:77:6B:B3:22:FF:B4:F9:B4:E5:9C:26:51:5A:06:7C:A2 ValiditySun, 07 Jul 2024 01:42:14 GMT - Sat, 05 Oct 2024 01:42:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=nc18%E5%AB%A9%E8%8D%89%E5%85%A5%E5%8F%A3%E9%A1%B5&idsite=3&rec=1&r=574579&h=4&m=25&s=53&url=https%3A%2F%2Fncao.nc69jfp88.xyz%2F&_id=c314edec81c59738&_idn=1&send_image=0&_refts=0&pv_id=0mKssO&pf_net=482&pf_srv=155&pf_tfr=0&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 HTTP/1.1
Host: tongjisum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://ncao.nc69jfp88.xyz
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 05 Sep 2024 04:25:53 GMT
vary: Origin
content-encoding: none
access-control-allow-origin: https://ncao.nc69jfp88.xyz
access-control-allow-credentials: true
referrer-policy: origin
X-Firefox-Spdy: h2
|
|
| lf6-cdn-tos.bytecdntp.com/cdn/expire-3-y/jquery/1.8.0/jquery.min.js | 129.227.133.135 | 200 OK | 33 kB |
URL GET HTTP/2lf6-cdn-tos.bytecdntp.com/cdn/expire-3-y/jquery/1.8.0/jquery.min.js IP129.227.133.135:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerDigiCert Inc Subject*.bytecdntp.com FingerprintC8:2B:2D:5B:D5:B8:4C:BB:79:6C:99:30:A1:71:01:D1:D0:6D:AE:62 ValidityWed, 22 May 2024 00:00:00 GMT - Wed, 21 May 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65480), with CRLF line terminators Hashcd8b0bffc85bb5614385ee4ce3596d07 359c6c1ed98081b9a69eb3513b9deced59c957f9 d73e2e1bff9c55b85284ff287cb20dc29ad9165ec09091a0597b61199f330805
GET /cdn/expire-3-y/jquery/1.8.0/jquery.min.js HTTP/1.1
Host: lf6-cdn-tos.bytecdntp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 33102
server: TLB
etag: W/"61f0cbb5-1698c"
date: Mon, 11 Mar 2024 23:33:50 GMT
last-modified: Wed, 26 Jan 2022 04:19:01 GMT
expires: Thu, 11 Mar 2027 23:33:50 GMT
age: 15310322
cache-control: max-age=94608000
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
server-timing: inner; dur=7
x-tt-trace-host: 012c79f0c91e5a08a4f814205785f64be3232407d087322c04dcfcd260563b51badfd2f995b424708a30c45af69f984ea230898e156562f2a1b0149a8a5ed4751b1f4be43d67f99c8a02bfd26fdc51ecb2b067b4b855842117f8415113e64d67f11df989e944c6cf2e807b4831279c515cd6df4234d2e3dac70b212a483e5a5a67
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
x-tt-trace-id: 00-2403120733508901042BD60B14695D25-3860718115B2CE3A-00
x-tt-logid: 202403120733508901042BD60B14695D25
x-response-cache: edge_hit
x-link-via: xg31:443;xymp29:443;
x-cache-status: HIT from KS-CLOUD-XY-MP-29-12, HIT from KS-CLOUD-XG-FOREIGN-31-04
timing-allow-origin: *
x-response-cinfo: 91.90.42.154
x-cdn-request-id: f1ad871b627bdd38ebe8cc51cfc5ca2f
X-Firefox-Spdy: h2
|
|
| lib.sinaapp.com/js/jquery/1.8/jquery.min.js | 27.221.16.146 | 200 OK | 33 kB |
URL GET HTTP/2lib.sinaapp.com/js/jquery/1.8/jquery.min.js IP27.221.16.146:443 ASN#4837 CHINA UNICOM China169 Backbone
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerDigiCert Inc Subject*.sinaapp.com Fingerprint15:0E:26:D5:E5:9D:1E:A4:64:13:CE:B1:B0:EE:B4:F0:CE:9E:00:6A ValidityFri, 10 Nov 2023 00:00:00 GMT - Tue, 10 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65480), with CRLF line terminators Hashcd8b0bffc85bb5614385ee4ce3596d07 359c6c1ed98081b9a69eb3513b9deced59c957f9 d73e2e1bff9c55b85284ff287cb20dc29ad9165ec09091a0597b61199f330805
GET /js/jquery/1.8/jquery.min.js HTTP/1.1
Host: lib.sinaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:49 GMT
content-type: application/javascript
content-length: 33067
last-modified: Sat, 28 Mar 2020 02:32:11 GMT
vary: Accept-Encoding
content-encoding: gzip
via: 25140
expires: Thu, 12 Sep 2024 04:25:49 GMT
cache-control: max-age=604800
sae-cache: HIT from 27.221.16.146
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ncao.nc69jfp88.xyz/favicon.ico | 23.226.181.52 | 200 OK | 4.3 kB |
URL GET HTTP/2ncao.nc69jfp88.xyz/favicon.ico IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel Hash836c16a8d900ff2ae3dde9115def3365 f6095ebf996a030209aec55be1e873f4115fec41 781deca3891eda0133198175a7c91bc760dc329dfa642c535381d6e0166746b8
GET /favicon.ico HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Cookie: _pk_id.3.3827=c314edec81c59738.1725510354.; _pk_ses.3.3827=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:54 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Fri, 15 Mar 2024 08:09:22 GMT
etag: "65f40232-10be"
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ncao.nc69jfp88.xyz/favicon.png | 23.226.181.52 | 200 OK | 2.1 kB |
URL GET HTTP/2ncao.nc69jfp88.xyz/favicon.png IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash0357657fb70eecc53aa3a47da9a228f4 b4be3aa85ed7f49dcb19dd117fbccbe2bf085ad4 1dfc7af7971d3c933bea219ec7fbb61a112dac99e0ae213f689468e3f92d4dc3
GET /favicon.png HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Cookie: _pk_id.3.3827=c314edec81c59738.1725510354.; _pk_ses.3.3827=1; _ga_03GV6MC2YL=GS1.1.1725510354.1.0.1725510354.0.0.0; _ga=GA1.1.1707756777.1725510354
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:54 GMT
content-type: image/png
content-length: 2080
last-modified: Fri, 15 Mar 2024 08:09:15 GMT
etag: "65f4022b-820"
expires: Fri, 06 Sep 2024 04:25:54 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tongjisum.com/matomo.js | 107.148.148.70 | 200 OK | 26 kB |
IP107.148.148.70:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjecttongjisum.com Fingerprint22:22:37:90:77:6B:B3:22:FF:B4:F9:B4:E5:9C:26:51:5A:06:7C:A2 ValiditySun, 07 Jul 2024 01:42:14 GMT - Sat, 05 Oct 2024 01:42:13 GMT
File typegzip compressed data, from Unix Hashef1e6e07f3d140c6373c8a901e099c62 4700976d8127df2bf6d7cc90dd7e558580d1cf14 3c9ba8cd494d40f814c9a71b43fd0728eed7ab3086f9f231bba827f59720d028
GET /matomo.js HTTP/1.1
Host: tongjisum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:52 GMT
content-type: application/javascript
last-modified: Sun, 25 Aug 2024 03:37:29 GMT
vary: Accept-Encoding
etag: W/"66caa6f9-10784"
expires: Thu, 05 Sep 2024 05:25:52 GMT
cache-control: max-age=3600
referrer-policy: origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| | 23.226.181.52 | 200 OK | 11 kB |
URL User Request GET HTTP/2IP23.226.181.52:443
CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: text/html
last-modified: Mon, 13 May 2024 15:35:06 GMT
vary: Accept-Encoding
etag: W/"6642332a-296d"
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ncao.nc69jfp88.xyz/js/expire.js | 23.226.181.52 | 200 OK | 21 kB |
URL GET HTTP/2ncao.nc69jfp88.xyz/js/expire.js IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/expire.js HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:51 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 08:03:32 GMT
vary: Accept-Encoding
etag: W/"65f400d4-5310"
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ncao.nc69jfp88.xyz/get_target.php | 23.226.181.52 | 200 OK | 92 B |
URL GET HTTP/2ncao.nc69jfp88.xyz/get_target.php IP23.226.181.52:443
Requested byhttps://ncao.nc69jfp88.xyz/ CertificateIssuerLet's Encrypt Subjectnc69jfp88.xyz FingerprintAB:17:8C:29:D7:A7:4E:5D:3D:5B:88:D5:A7:5C:25:32:C9:C1:17:03 ValidityMon, 26 Aug 2024 05:02:01 GMT - Sun, 24 Nov 2024 05:02:00 GMT
File typeASCII text, with no line terminators Hashaa4da9f7711ee904874079d389d6f761 76f520d7b9f1873fb3e95cc5147cd5d4ccc1c67d 3cbc8ccb44f89d932802f92195c54bcf74969b457fe6a314bc9240bd2958cf99
GET /get_target.php HTTP/1.1
Host: ncao.nc69jfp88.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ncao.nc69jfp88.xyz/
Cookie: _pk_id.3.3827=c314edec81c59738.1725510354.; _pk_ses.3.3827=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 05 Sep 2024 04:25:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|