happy-u.vip/bgv1?cep=cx1CamZou15MPF_zzUmisa_zJEzongV0yqNijDAHMpBoSR2UU_MXFs1fB-RKnm6iSdTp5sFTugtg61CY3F3c-omSMR8yJ66bUGwRe9mGJdI9lcDyRnk_Bppu8knZyJ04-YuM4b-SJ_bIvE_0rEBOmMfsJuto1bDa5r_rJrkox6bUWMwlOSVmR_ezHnvQAIpOtJrNi88keWKxiqWxv5DiRNs0pUiJ6KZNGw6ANipr1XGxlLR3ot1-3arj8Lr1ZmgCHYkEIrUDS2hpx71OeORmzI_Mg8wr_ICqVhjFuKqIw36yrYkMwwhEESTQkJuWQk4j6FDn2GD0Xz805Z6aIUZ2_TqI9UAiVodVXWMbg7oXzmRRLB7AsPiIOS-2IBje9NIR&lptoken=16b075703677239e68ab
302 Found 314 B URL HTTP/1.1 happy-u.vip/bgv1?cep=cx1CamZou15MPF_zzUmisa_zJEzongV0yqNijDAHMpBoSR2UU_MXFs1fB-RKnm6iSdTp5sFTugtg61CY3F3c-omSMR8yJ66bUGwRe9mGJdI9lcDyRnk_Bppu8knZyJ04-YuM4b-SJ_bIvE_0rEBOmMfsJuto1bDa5r_rJrkox6bUWMwlOSVmR_ezHnvQAIpOtJrNi88keWKxiqWxv5DiRNs0pUiJ6KZNGw6ANipr1XGxlLR3ot1-3arj8Lr1ZmgCHYkEIrUDS2hpx71OeORmzI_Mg8wr_ICqVhjFuKqIw36yrYkMwwhEESTQkJuWQk4j6FDn2GD0Xz805Z6aIUZ2_TqI9UAiVodVXWMbg7oXzmRRLB7AsPiIOS-2IBje9NIR&lptoken=16b075703677239e68ab
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 55542e1e11953f5e940edfe46faf183a
cfaf1d9781b22c3ed9a21239c1c3a4339c4f70ce
3694b74687f25736a5a01876523b9152d8e7cb45860d5292b0ed3449a902f062
GET /bgv1?cep=cx1CamZou15MPF_zzUmisa_zJEzongV0yqNijDAHMpBoSR2UU_MXFs1fB-RKnm6iSdTp5sFTugtg61CY3F3c-omSMR8yJ66bUGwRe9mGJdI9lcDyRnk_Bppu8knZyJ04-YuM4b-SJ_bIvE_0rEBOmMfsJuto1bDa5r_rJrkox6bUWMwlOSVmR_ezHnvQAIpOtJrNi88keWKxiqWxv5DiRNs0pUiJ6KZNGw6ANipr1XGxlLR3ot1-3arj8Lr1ZmgCHYkEIrUDS2hpx71OeORmzI_Mg8wr_ICqVhjFuKqIw36yrYkMwwhEESTQkJuWQk4j6FDn2GD0Xz805Z6aIUZ2_TqI9UAiVodVXWMbg7oXzmRRLB7AsPiIOS-2IBje9NIR&lptoken=16b075703677239e68ab HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 02 Feb 2023 17:56:27 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-error-code: Found
x-amz-error-message: Resource Found
x-amz-request-id: HBD9ZSV1F1AF21K5
x-amz-id-2: AfpE0KY+GYN+KyRkQTkILaOS6pImeJVIivZ8ZNmMC2HnZ0TvVuEpbTyfWeme0B4m8Pi70+K3JjY=
Location: /bgv1/
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBDDTKxJdzzThpAvjTrD6hT%2F1bNPlUuS1g%2FeTUcbJRlkDxizz4BOzJYPTZ74JLfSTtBec9jxzsQqhkhJz9S%2BVsZTXZv%2BcAKBfEROsVJGfQ5c9D0%2B1mCAQT0kffgORA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934cdb6a9ea0b51-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6535
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 17:56:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4994
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 17:56:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 17:36:06 GMT
content-type: application/json
age: 1221
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4521
Expires: Thu, 02 Feb 2023 19:11:48 GMT
Date: Thu, 02 Feb 2023 17:56:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jjHWRfg9/oGXmuzaHdIbhRjYjDu9VatAvGddih2XA2NADONHokyuazSd58fE+uCck3Co4IGtt+Ck8rPM4Jd0Ug==
x-amz-request-id: 4B9SW80VEBHV7E6E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 17:52:04 GMT
age: 263
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
happy-u.vip/bgv1/
200 OK 9.1 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11464)
Hash d3a08b074241fe836e910e3a01c4b5a0
f31624745876fe9e5bbcc76eda5aece9115bebd9
ead658f0b25ee824c2a4ef4aa66ae9ae424440018cce56e1264b33e11e67d0d0
Analyzer Verdict Alert fortinet Phishing
GET /bgv1/ HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:56:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 4YDHbKkwGbY6rcEdqi5HjoDvCzSBZIZ5XAI5er2V9f1N+KShQU/uRGodg7VZq69fiCQ5U8SiHjI=
x-amz-request-id: QE946HF94J5ZB788
Last-Modified: Wed, 24 Aug 2022 13:58:23 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EchXdlyHYQZqu0V2lkDhqdCb73yAo%2Byz2OSWyzOS6u4K2Nurz6AG7WZUlFe9tWkMoSFxxkvimOvhzLd09FiDQ2stfGUpsK68JDdqsSsrTKmohuT2T9wcqLfJgE5QQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934cdb83b6e0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 0ede9217e40a6bf6f80f4def23a90a81
31bf390777fede55e08e3cc0e91dc69b7339040f
955c96b94b634f3c12925c1daa9b8d60592728da242b1828fdae578385b2beba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99664
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:56:27 GMT
Etag: "63dadb9b-116"
Expires: Fri, 03 Feb 2023 21:37:31 GMT
Last-Modified: Wed, 01 Feb 2023 21:37:31 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 0ede9217e40a6bf6f80f4def23a90a81
31bf390777fede55e08e3cc0e91dc69b7339040f
955c96b94b634f3c12925c1daa9b8d60592728da242b1828fdae578385b2beba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99664
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:56:27 GMT
Etag: "63dadb9b-116"
Expires: Fri, 03 Feb 2023 21:37:31 GMT
Last-Modified: Wed, 01 Feb 2023 21:37:31 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 0ede9217e40a6bf6f80f4def23a90a81
31bf390777fede55e08e3cc0e91dc69b7339040f
955c96b94b634f3c12925c1daa9b8d60592728da242b1828fdae578385b2beba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99664
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:56:27 GMT
Etag: "63dadb9b-116"
Expires: Fri, 03 Feb 2023 21:37:31 GMT
Last-Modified: Wed, 01 Feb 2023 21:37:31 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 0ede9217e40a6bf6f80f4def23a90a81
31bf390777fede55e08e3cc0e91dc69b7339040f
955c96b94b634f3c12925c1daa9b8d60592728da242b1828fdae578385b2beba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:56:27 GMT
Server: ECS (amb/6BC3)
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 05295a6ef6a1e08350820742ca84d4cd
829cfdfb5f40a5cf0a9b80d787d46652df0ffdec
2864347c8cafc993e298b6c80a7e34b0c49710b9e8e35af6815ef685d4efdaf2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2864347C8CAFC993E298B6C80A7E34B0C49710B9E8E35AF6815EF685D4EFDAF2"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2158
Expires: Thu, 02 Feb 2023 18:32:25 GMT
Date: Thu, 02 Feb 2023 17:56:27 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash b2a063f530c2132d31c18ff02810c100
ae3a25cfc332c571e8edc57d1ed1b201af7f5998
3bc836a364fd0d83f54410c908641a7b76b7bf2e860017dd90fa4da582586a56
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 690
Cache-Control: max-age=168015
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:56:27 GMT
Etag: "63dbe3e9-117"
Expires: Sat, 04 Feb 2023 16:36:42 GMT
Last-Modified: Thu, 02 Feb 2023 16:25:13 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
my.rtmark.net/p.js?f=sync&lr=1&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a
IP
Hash bd33725f56da891692dff0ac7583d37d
2f5c7d6865087971dd4645d30d6fff57b64fa3fd
66411aa8478bd069ad8a9aa0f2159279c3693da7a7e1fb3b1e53c751e580cfeb
GET /p.js?f=sync&lr=1&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:27 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash bd77b0ce6227313b58b12ef9e56b6971
bec5fd298d45b3f63f77294678220808caa57032
32b6b0c3128db1a27ada330dcdda3659db3ac39bd12ad32e2f55c0b5e8a4b261
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:56:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 20:20:02 GMT
Expires: Wed, 08 Feb 2023 20:20:01 GMT
Etag: "bec5fd298d45b3f63f77294678220808caa57032"
Cache-Control: max-age=526413,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7934cdba8fed0afe-OSL
happy-u.vip/bgv1%2Fimages%2Fcheckin.png
200 OK 457 B URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fcheckin.png
IP
File type PNG image data, 92 x 21, 8-bit colormap, non-interlaced\012- data
Hash 796fc192fcda87bf7bb11977b21c6ee8
3b982842c71acc6c5df6bacade53b9a52c2a77e6
736416d5fe9fbc1e6904232cd5777b8855e846302a1c4994a4dae0996cb28519
GET /bgv1%2Fimages%2Fcheckin.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 457
x-amz-id-2: rIaGzdgY+HjBKHgZS6qlOysc9OWJ8JOVq4ddcIIyKSHVdWVa1GtTKXqcfb3dnauGzI/fayZAuLM=
x-amz-request-id: HBD3ZBQMZQ4AN35E
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "796fc192fcda87bf7bb11977b21c6ee8"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FjA7DKcBrsRq0NpyDI%2FNl7Awb%2FNWr1X4lcHaATbsw%2FPMPxtSn78yHuJf3KPF9rYvpzf8QcJse68wMiW40%2F%2BXyBQNZCCdiRoW7xRJPMCkIqBjvEQw%2FgUJadZTsJSKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba686ab505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2FDsrKpkj.jpg
200 OK 1.5 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2FDsrKpkj.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 0d0f29abfcedc7dfffe3811a5100a6cd
19567e85aab4fd05d752cfa86f88087465042b0a
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
GET /bgv1%2Fimages%2FDsrKpkj.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1506
x-amz-id-2: 5OJwvweclcek+sohbxgDjUgcKAyG6AUeViqLcc9nkzVIwGuN5w3PN01yzUFCIIB336rrCukcsbs=
x-amz-request-id: HBD4NJ302VNZ1T4Q
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "0d0f29abfcedc7dfffe3811a5100a6cd"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=louSWc3VAy9pBI1DQSQXH5RrihtDrX%2FrmcPlY2b5lr3SzXDedz3mnpufoNXoxCCBt6EPK4XEd1YcVq6jXLsAELVXvnWVMwTfmevx3Tc%2BcHEF1TiymdlACS70y80IZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba7874b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fstatus.png
200 OK 404 B URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fstatus.png
IP
File type PNG image data, 92 x 21, 8-bit colormap, non-interlaced\012- data
Hash 2cda8294f2c9ac8680e7630478cf44c6
d35e94e38fb6f8da59106684dc51e4f4a3e6cc84
8ffc78a93ca6bd7774c34203a2f38d9df70990c98d5dda238c40f7940e1c3247
GET /bgv1%2Fimages%2Fstatus.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 404
x-amz-id-2: 06wSafau1y+8ddiA7xCXk2HcjFTSl4aeVMpJNehQS43+3lEk9+5a8S6PyoN8KkRaDc9v1+1Ixnk=
x-amz-request-id: HBD1DZF3VTHDB137
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "2cda8294f2c9ac8680e7630478cf44c6"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rg3HdKKPMkYvXV0IdcO2HWs2F%2Brya4ujCjYPEaTiwOuZptUepIW%2BEBOrH6hWBtavmDTkFHlFmZhk9qAPN5XJG%2F997QckeRM2QOoP1IPlit2PVFzWJfR%2FKsICjHEUmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6865b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fred-arrow-right.png
200 OK 495 B URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fred-arrow-right.png
IP
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash f4f08e109654f7b401d113816dff5e2c
3cd201d6460e432ff5d8934c1554eeeb32ba02f4
88b4c9e5c7abeaed6e442d233266272e8048f035434fe3af5edcda9052f138ac
GET /bgv1%2Fimages%2Fred-arrow-right.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 495
x-amz-id-2: uwZ3j0qxSql4r8XoIOqldDyo0Jhw/XbLfY8nBWbq4ooRqt4zeZVc1gthXAJeSrB9yBJHv6BsqM4=
x-amz-request-id: HBD4G3ERY5ATJP8E
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "f4f08e109654f7b401d113816dff5e2c"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdYT%2FhvyH5EoH8jMZkDfwVJ911vkC4tjfVp%2BJHFwEC6katf%2F%2Fa3HSElzcMFyksFfWu%2FVPeXc%2BSRN0SkQYrFzlqeV2xjOuX1hkHaH4YKzpMdyoOoUSpaTNU5jiAMkOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba7877b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2FplR22yu.jpg
200 OK 1.0 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2FplR22yu.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 51x51, components 3\012- data
Hash 8eaf167dee1c0b4384b854fd68836eb4
be410ab820048230ee32948da6345dbc3c6a2a94
d2ca60af74992ff458ac141945706d2178267d69692a9cd6bdbcfa8d2780a3b2
GET /bgv1%2Fimages%2FplR22yu.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1001
x-amz-id-2: rvyHf14MsE3Q/MG1SePuJkim9LqnHv8aZx/+2PJLnTcewBrxnBbTxOj548T0SX6nyb+gZjx8BMU=
x-amz-request-id: HBD2DA6NFS5FK4EW
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "8eaf167dee1c0b4384b854fd68836eb4"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYP4NCFXODFRAkVnhhvp8GXNExlamVYBosjiK8Xa%2B%2B7BTQs1CVS1pYVMFpspiWOxmPbx2ELgiXpUpAGtnLmkO5BRdUl0aWxcxzcYjxuFNF7ii%2Bw5irYnWJ0KBHpPNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba7875b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Ficon-search.png
200 OK 3.6 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Ficon-search.png
IP
File type PNG image data, 65 x 22, 8-bit colormap, non-interlaced\012- data
Hash a53737d0c1e722c790cdb73e8a40fae4
58d8cf39a72f15a335190a3a285386edea776526
6034859360e67a648165e4f71cd36da3712a564905318a9145b19e500dd6a369
GET /bgv1%2Fimages%2Ficon-search.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 3579
x-amz-id-2: E+8AkQwC/BGCoYXMrmlxXwzLNa++H9yfwCqCDhgV9FaoSK1vJY4LLnAC0At+kxApjhWwMJdSi84=
x-amz-request-id: HBDC7YH73NC48WYE
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "a53737d0c1e722c790cdb73e8a40fae4"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqRZP7DbNz4iOWNSX3So0kIvKqF6jDGm5NE1ZQGsaTx%2BUVAH6%2BawyYp1II0%2FUJ7XfQbpLanLR%2BcpzAC2mCN4dzkPBODkPQZdAYAwn%2BB9ERlqc3Xs4tsOu7XlBgPHCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6867b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2F9PH2QqX.jpg
200 OK 1.6 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2F9PH2QqX.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 102933136ea4fe862f931bb364ad8c51
b0f114f9d39fd228827a75b25c408a4a2adab61b
d62bdcc9ca536db0ec677242f218332ebf4a0f0372e6f57ddf19ef9a5d1aa2f1
GET /bgv1%2Fimages%2F9PH2QqX.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1623
x-amz-id-2: pzAMeoT/MXZKxN7Rf9wwYCn/fmyNfj4ugJHoi9QtqgZFIOQJfnL3KUs2FTWX640YWlh1I6alRXE=
x-amz-request-id: HBDFQ9ENX8SQH05B
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "102933136ea4fe862f931bb364ad8c51"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EN3Mj0563XUhXxZ%2B78Ew1gpaDhVdNuMyoWtizwvglvWM5y6XLOrdBiB4Th7eG09mk%2BdN%2B%2Bc%2BkxvM9zNpmcJwEsUwZwWEXz3x%2FS94WAg6mN0%2BhRAQVTla4xH%2FNJ1AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba686eb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2FyWwCB4c.jpg
200 OK 1.9 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2FyWwCB4c.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash d1b07f775527dbe2e3f4a63cf2bedc56
591e43ae55c2c6596b850a9ba6e3fa62dcde9c06
9b5f9beceae5873611200a408662ef812bbc682bd6996db552e066bfc0f41639
GET /bgv1%2Fimages%2FyWwCB4c.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1871
x-amz-id-2: MH66gc3Rb1xlEWJlSO8PX+h2KPdr87Tfse7BCopkYraJGr+RhB98fy87J4IsrExmHrVyaA1Yp08=
x-amz-request-id: HBDDVEX4850W0BD9
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "d1b07f775527dbe2e3f4a63cf2bedc56"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seiGoAmnfyXi8NwPV1MRuq3K2%2FvAHqArJPTklWZQnNxg3t5Qemuq2ntZqcRW4z95KL1sjC3AzHn6x7d%2BXQJqkkrX%2Bji7Wbb3%2FYIAjr8O0KzhEFtR0wR%2FzXx5R0rp6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6863b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Ficon-account.png
200 OK 251 B URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Ficon-account.png
IP
File type PNG image data, 65 x 22, 8-bit colormap, non-interlaced\012- data
Hash e33b90b3b0967a02d7c9ae8ff6b60f30
47eb5ad0ad785fee87d0621ed776ffe82adc697f
d6168ef356b0aeaeb195b450de21edf25284b7f2c6a2810258ae5603a39e43f9
GET /bgv1%2Fimages%2Ficon-account.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 251
x-amz-id-2: BJFZ4TxYNVd6J+/n/L3zCXItsQfcujmyOUPe1MghmUyepfv5ag6KbILd1oT+OY4zPKBhL9ikNDA=
x-amz-request-id: HBD28XDFMNEM45VH
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "e33b90b3b0967a02d7c9ae8ff6b60f30"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjgN%2F39083%2BxpD6k8jtPVvKBumRJ5bp9z8IW%2Bxr15HxvMrEShT45V3Stw8gAnF3rdYDHCStK2rEig5ekI%2Bukr94TGDWfA49tm3kUNfmIk0qj%2F7mjT3Z68XntO59l%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6869b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2FyEUMY3v.jpg
200 OK 1.6 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2FyEUMY3v.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 5da3831556c780010e0e5c5b967e43ce
574623afde349258b91d44849ef16d483b61e223
45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07
GET /bgv1%2Fimages%2FyEUMY3v.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1608
x-amz-id-2: WZX3ZbYuytR1ywyNNvGg1P5+8IwlJKkRa240P1w7dRA6eEU3kffBJzjWvunRT/kfHOfUVYmLQMw=
x-amz-request-id: HBDFWBR7MZ9RZEAR
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "5da3831556c780010e0e5c5b967e43ce"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4cIsxY7T3S1YhIC5h4IvDSy6lIPFG%2BgYHGt5j9s5y4eYVGHkEQYfONUVB6KXEB0NQmO2ncRrKvQY%2Fu%2BN6bNJV4FuZ9t4Ez%2BmG%2FiUJPfLSaoSCfrAnIo%2F2i%2F%2FMAOjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6872b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Flogo.png
200 OK 243 B URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Flogo.png
IP
File type PNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data
Hash 66c23a105121bf693e5fda5aa232cd2c
5b7688e4db7f216de02ffa8fdb7d33cf684fe7f1
0d0d7c6b70ad170073dad654669a7fcdaaddb46929d6fa5567e9ed93f5680d8f
GET /bgv1%2Fimages%2Flogo.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 243
x-amz-id-2: XBJdlG+kaABcRsqP2tXD6v05J7ihamQPXdgjgf5P5wI0uJ81OLZDNEovuz7Nr8AKKKaXXeXrWgg=
x-amz-request-id: HBD9NZ2RENXQ8Y92
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "66c23a105121bf693e5fda5aa232cd2c"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hT3sy47NKrV6v9xGUHIWh%2FWG7iAEPI73DVEFfCmIWUUC%2FaOFfcdLx7KfvqcUgwCUaMOLLjPyd1%2FXQFMkEBksLELrtZjp%2Fk6GT3UIpKvVtTW%2FkVsA3efzYvcHZk%2FVlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba7876b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2F7wSpKDu.jpg
200 OK 1.5 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2F7wSpKDu.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 16d14205120c13b9bb5b64a91a927f47
de90436381960ab243a332b97dbfd661347fe9f1
9452ab566725c6cacae9ab39c1481bdcc1205fb07ae3709b946d8e73072b5324
GET /bgv1%2Fimages%2F7wSpKDu.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1547
x-amz-id-2: Y1IfG3+QvcbLVrRKgRuu05OW5lCCK/db6F21kdn8k89nM+nnwjLZGdzujSOVUFdDKNAp5Iew/gA=
x-amz-request-id: HBDBEX706V9J8KYA
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "16d14205120c13b9bb5b64a91a927f47"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufB634Ru7GxrAPYdlFxluqVIDZSErpwAJcj3LtyFzaehmRTqW110vpgDSrWQCi05GyIG%2BsR%2BKSXVgsV4xIHI3NOfCFAZZaNEZeNNKXoEpOqEBzPXx7P4shDFIVk9Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba686db505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fred-arrow-left.png
200 OK 493 B URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fred-arrow-left.png
IP
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 5db20018a0fac6b541260df23929db91
3f438440cc0e414f7f7c47fd6be642a9abda85ba
138800c53f456513cc20c3a21110f5cc9b984de9ce6652adc9e7bcd7d9b3c8b7
GET /bgv1%2Fimages%2Fred-arrow-left.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 493
x-amz-id-2: GCSd5Ei9eTgtTP5apA3T1kxlCFvp1pNtC/J2nelCnTL/vRshkX6KSGG2Da8+yGoh0KNBJuOL+GU=
x-amz-request-id: HBD044M5WYP9YWK3
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "5db20018a0fac6b541260df23929db91"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtDUfnSkzf6FtMGzxnMoSZH3v9onH0DwMUcx9REHqNcTGJShUfjeWes6kYdyCiUptAdpOyRbTOR%2BkoVVRBPsejlPGafQTLbaTflysLlht13XRvXnGNB8%2FSgQbv6OKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba686bb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2FEKZrmbS.jpg
200 OK 1.7 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2FEKZrmbS.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 36219a038e38decf224738dc56870d0e
824a4648f22839e5fb23184229bbbad3487140be
118e8968971eff8afa6d0ae7ca340f256b661b5096ca3b43f90737c02faade50
GET /bgv1%2Fimages%2FEKZrmbS.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1717
x-amz-id-2: lqh0PfZJQDjd6pq9OCaoG3d+t+jvhLx+7I68gxp1zKAZiXRTmgs32gK5xCBEhQJVVPEPahYkJyQ=
x-amz-request-id: HBD43TTMKWTTCWS5
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "36219a038e38decf224738dc56870d0e"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Ff1xIa%2B707yB1DNlX9EgbqWuRxOWkxofJiJGcInkHouacju%2BDGDOdo4fQ%2FGSckWwDGqpjHQDThBFNTaojJ%2Fm8jkzmJ90gFuykSjqUGgaxZIhZ9omhqoL0InMQYtvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6871b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2FKqX499j.png
200 OK 1.1 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2FKqX499j.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash dd3ca7519448be324f8c3223a276f813
3c5570882d2fcd4d3b1791114a8558df71ef4183
f6b611eebed4c2780c8619e862ddfb71e35e5aeab502640d910fc9f248063dbf
GET /bgv1%2Fimages%2FKqX499j.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 1109
x-amz-id-2: z0AEdGbpRziaiqFnBa6IXi6QxIV737WjcN3mA7SPW2Ew5rul2V8THtZX90PpxZuIoUkgVqZi5aU=
x-amz-request-id: HBD4HDJEMTG5A06R
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "dd3ca7519448be324f8c3223a276f813"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aASlchOJxxD34pcYF1FXrI1EFm2TiD8pqQZM3bTO1qyiiiS7jJkgScnlT4iqHaMAI6de4CA0MXuqrl9Pjo%2BjkqNzmlyhjjWDN1xNU5nRoeZDEu5%2FfCgrO7fs02o7YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba7873b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fphoto.png
200 OK 372 B URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fphoto.png
IP
File type PNG image data, 92 x 21, 4-bit colormap, non-interlaced\012- data
Hash e353bbf718baf082a548932439b6a8ee
18bc9fb3b1a00a7732173a6aad1ebbb608248bf3
c2c7afb9a455ea1a40b187fc3ac78170834905ee5db39820870843ddd3028544
GET /bgv1%2Fimages%2Fphoto.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 372
x-amz-id-2: 9cnSKETaycXbB9R72l/CYJhxm4qiXgnTsUT28w2grLjqSnsd8lHJkrthWJ54ENSMbaVo9THHc/A=
x-amz-request-id: HBD3XJP04AX32W2J
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "e353bbf718baf082a548932439b6a8ee"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PguSGho02fN29eFZ8kosTTi19OL2Pw00%2FbUk53AepkYgHNUpaaAbUChzMO%2FBkzo%2FzP%2F4PPuXFETlplyJ41b23oKdDoNTkVk7qh2EAZR%2F0Kl646Lleh4GlGoy5qZrDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6866b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 0ede9217e40a6bf6f80f4def23a90a81
31bf390777fede55e08e3cc0e91dc69b7339040f
955c96b94b634f3c12925c1daa9b8d60592728da242b1828fdae578385b2beba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=99664
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:56:28 GMT
Etag: "63dadb9b-116"
Expires: Fri, 03 Feb 2023 21:37:32 GMT
Last-Modified: Wed, 01 Feb 2023 21:37:31 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
happy-u.vip/bgv1%2Fimages%2F3temv7e.jpg
200 OK 1.2 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2F3temv7e.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash a848711320a9df61e6457f65b0dfa9fb
68a62a84d89f4f9e1e831a6cef920797c7f2e7d5
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
GET /bgv1%2Fimages%2F3temv7e.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1169
x-amz-id-2: U4t4HWxoBWHlnGqNithKNv5gj1w5YkCWaz/y1TVUCvC08LGKEvWiTr0/0oiKvMknjJ6dEwzNCms=
x-amz-request-id: HBD1X48V6KP747JH
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "a848711320a9df61e6457f65b0dfa9fb"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BPFX9wkOKOMd24AXdnVFqE1k8ovcSKU0ogxR%2BxA%2B8euE3phZA1vT9iFAIWylTbef6SCGvU7u3nBkyMChQIKj6MXDYbefIrMceQtFNPhd66sPmKI1p9bETqMot0rYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba686cb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fimg2.jpg
200 OK 1.3 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fimg2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 92b944714cea3e478a8e50dea1a80b26
f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
GET /bgv1%2Fimages%2Fimg2.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1297
x-amz-id-2: PXt0ub5HB65VrvJZmRGDu1Ikcsja5RN8FyEERx0uerBmbXSqJvypIQBHak1z1FHU0rMZfCqB0R8=
x-amz-request-id: HBDF6TBGMX1PF239
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "92b944714cea3e478a8e50dea1a80b26"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa91jpKHonY%2FzERdAUqoyqNyffPzeQVXWa20bnrWeXAPjpI56TnVq2yRc9OrMyxHZtrFeHFyNOFTpGe1Pm8YtYxM4X0tF6n3gXSfX9NImvf4XNVv%2BFmQxpS3X0wRYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6861b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 0ede9217e40a6bf6f80f4def23a90a81
31bf390777fede55e08e3cc0e91dc69b7339040f
955c96b94b634f3c12925c1daa9b8d60592728da242b1828fdae578385b2beba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99664
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:56:27 GMT
Etag: "63dadb9b-116"
Expires: Fri, 03 Feb 2023 21:37:32 GMT
Last-Modified: Wed, 01 Feb 2023 21:37:31 GMT
Server: nginx
Content-Length: 278
happy-u.vip/bgv1%2Fimages%2Fimg1.jpg
200 OK 1.3 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fimg1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash c3c59916d3b4977017c89125dc42b664
c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
GET /bgv1%2Fimages%2Fimg1.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/jpeg
content-length: 1315
x-amz-id-2: qIP/7UnZi25G7jvXDAOXBzlZgFn5zSw8LInggyogfDjn7/PmvacVI2E2lny0Kmo8ElBK8RhJTaM=
x-amz-request-id: HBDC1QJCGK03D06G
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "c3c59916d3b4977017c89125dc42b664"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4N8v3C6fQAqPoXD5jsamRKcf5CuGqgbZMb81IbzMMl%2BCxYmo40F%2B0%2BeirdCizCrVMAf2kx9qJV40Dd%2FGQ2v5%2Boxs2ntacEUs%2BVVEFXMy2LkR9Gqiyt8a4m12j5TLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba685fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.countryflags.com/thumbs/bulgaria/flag-button-square-250.png
200 OK 2.1 kB URL HTTP/2 cdn.countryflags.com/thumbs/bulgaria/flag-button-square-250.png
IP
File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced\012- data
Hash 3f0bf22f5b1b69cfbceac506951d3afc
edd3361f44f2971f96af94cff3ea35a485061dfa
2c6c2c194cbcf3b0b62d748b79e5c09d3d0ecc4021f23182966272219939e2e1
GET /thumbs/bulgaria/flag-button-square-250.png HTTP/1.1
Host: cdn.countryflags.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 2091
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "82b-5426c8e5e5000"
last-modified: Tue, 29 Nov 2016 08:41:36 GMT
cache-control: max-age=2678400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njyfiIjruM0D6W%2F43pyVU1c7hgPEUmybiEO8Ut71FkYzvzWa0Qw0ZAyjdFZP23a%2FO%2B4ZHqR6%2FcZM0y8CiSQ18sJp6P7wShrOnA8y%2FBJG%2BR0M0OY1QY%2BLXMhNjdW0LPHAfpQ7qLxp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba9adc0b59-OSL
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fslot-result-2.png
200 OK 23 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fslot-result-2.png
IP
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 2510ea89d6674e700170ea8438045cbb
f26b53e2875b396f3b208a15052133a06ace1f2f
4fb6cef2f7a06048bec380e22f1ab9b70c45672e59cbe83dda68763406340103
GET /bgv1%2Fimages%2Fslot-result-2.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 22914
x-amz-id-2: LK2uO/K6XWiboWnVCOaA4pZ48Blv3fbsnk0LgAQNuNLcj/eEmiquM/e/jocnfRxBf85S9Ul/2Tk=
x-amz-request-id: HBD9R1F5RTPKYCQW
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "2510ea89d6674e700170ea8438045cbb"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tH19bWtCLa6wU5kZuo10rcxLwDxz6kdgYTLhE7zzh1mH1%2BQXqVAAkF1i3SoWPQ1uxGafEvllEfIWCF9S%2BJhViS9PwTuyTqKo%2FbEG8jlufHm9LEuxyOxoDyBdnvN%2BMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba685cb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fslot-result-1.png
200 OK 18 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fslot-result-1.png
IP
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash ec844a2e36c13835d34f1bac0db0498c
8b334e469dfbe6ebae1b3c58d6567efc654c5fa9
5038f4c7ab64de7b0a0523253a60f0ac5af53ce9b522d67ed6b8dcd28cd9a07c
GET /bgv1%2Fimages%2Fslot-result-1.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 17883
x-amz-id-2: jxcoAERj6DpDank0iyd0dZ/DHC2eUjVOzrBmp2efFrpG0BNp8GD27qxV7difIZsopY8z7DOfENY=
x-amz-request-id: HBD2AMWPY4CXVVMG
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "ec844a2e36c13835d34f1bac0db0498c"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoS0xMleHQXuNjtyx9d%2F8AWqgi6HQfxKJvdBR7Lxt1OeinVLMHVWrJXnt6pqel7owbHcD4%2FY7%2Bnpx6QuAs7yrMZGfJGBVgAM68gSheEdFkwaFESCu5hOZEru31OeRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba685bb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fslot-start.png
200 OK 22 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fslot-start.png
IP
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 244e8f79da0526379203f0429ed8ae1f
73f652c94f5089ca3feeea0946331b711d8efa37
1e11461e5c27dd50a536a8ec0674b627168d061654ceae7f82fa9c7834b525a6
GET /bgv1%2Fimages%2Fslot-start.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 22059
x-amz-id-2: UkB6WMWHSDSIjoR75ooS1G2kTlvzGBW/JwKYFW74f+1PBUDG0Ddk1YvXiuc845b+ineWc7RGPm0=
x-amz-request-id: HBDFFQ2ZYY5DKHF6
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "244e8f79da0526379203f0429ed8ae1f"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n4WJE9rL6JulxlQDYyRrqjjm5XoZQFqc6K6uJslegzhQXTFQMIIq6XFogjwHCgG7O14kTVRCPxd%2Fr8fqTHyBhwdfab6XeaE34gc2Ox0Yo2AuRiw39PfdaG3uz9SRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba7878b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1%2Fimages%2Fslot-win.png
200 OK 14 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fslot-win.png
IP
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash ad463090b233af33d543c66279082ef7
c5c076022496220069ada53b61e360115d633ec1
3f3ba843f8336a629438b345bfd4e85a17745c9941105fe2bc96081c01860050
GET /bgv1%2Fimages%2Fslot-win.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/png
content-length: 13522
x-amz-id-2: XtupoafbcANACYXwyewfV9NQXiH4jC5DWfxsPEaqjKREJi55q7BoQw0MRwckELh8Y4sI6wOY1vk=
x-amz-request-id: HBD19GF6Q34VDNXQ
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "ad463090b233af33d543c66279082ef7"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BJFDXsHwfTjKZGOa7d2yXsXJ3BGhzWcXiKkYTbL5DDOU7gIRXRNkgkssRnrgVASsCOndxK2sd%2BoyFINXLc0avzdudwx7prOKXV9bfMa33r45rph21KHLD5rJjJ7Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba685db505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 67d700154d75602f11c9737cddbd2276
490decbfdd242deefa9fbf092bd256d31402d73b
935941e71355a1991f0159b44473a728ca64f86efab9f81fcec08dcacf285471
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151678
Date: Thu, 02 Feb 2023 17:56:28 GMT
Etag: "63dba487-1d7"
Expires: Sat, 04 Feb 2023 12:04:26 GMT
Last-Modified: Thu, 02 Feb 2023 11:54:47 GMT
Server: ECS (dcb/7F5E)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: APcmU67tIIVDLNoNWU_E4ebK9UCribk-dZE9uVDLaCtzeNDURjsLxg==
Age: 579
happy-u.vip/bgv1%2Fimages%2Fslot-spin.gif
200 OK 74 kB URL HTTP/2 happy-u.vip/bgv1%2Fimages%2Fslot-spin.gif
IP
File type GIF image data, version 89a, 410 x 279\012- data
Hash 20c1e25bf5d1de526cef9a215cc9f996
67a934664e96950e3ba1722fbaae8ce024789cc0
3fd606b3ec90e6e1e9babfa90bcf35aef37607df5083f42c2285113f8137d39c
GET /bgv1%2Fimages%2Fslot-spin.gif HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/gif
content-length: 73808
x-amz-id-2: /cpqVlzkj40lqKpGX5w0oS193EhoTyej/Xs5+giU0WeN3wK3hQHlMdUi/CwDcg0+aUPK9dqGBrk=
x-amz-request-id: HBDFP0DZA2K950FP
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "20c1e25bf5d1de526cef9a215cc9f996"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMKkS4RWVZ8QG1KvuQoyd6IrHSkOCKSzsj9%2BuMCmtcvUv9eWS2Ahi17Xf17JIs3WHZkDpVgUoaIA%2BBZ2ZgqYNVn%2FKyYr%2FqGyFM6aQpp3wl%2FBAF%2FvXrVPnvaL4zERkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6859b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
assets.landerlab.io/base.css
200 OK 8.7 kB URL HTTP/2 assets.landerlab.io/base.css
IP
File type ASCII text, with very long lines (8731)
Hash 7f6de4e86d84bcbfd919f155e7545439
e7d9a7a418519c3fbce6de3c85775087cba93b49
8d8c59c2712df25a26ecd01739496e49c3514a9341fa3cd21cfa98627ba6efa2
GET /base.css HTTP/1.1
Host: assets.landerlab.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 8732
last-modified: Sat, 29 May 2021 19:05:04 GMT
x-amz-version-id: 0sEXTlrAazg9KkJm7sv1lqt808WfgxiL
accept-ranges: bytes
server: AmazonS3
date: Thu, 02 Feb 2023 05:06:28 GMT
etag: "7f6de4e86d84bcbfd919f155e7545439"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zc1Smqja8ToYhwWS06fKKDgPM-z5hKNlBVNZQYnSyi15nw2yoekYhQ==
age: 46201
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 17:49:05 GMT
age: 443
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 080f156b79a0ccb7818cc90b9c88103e
69258e757c229cff686bd8e71978455f16769107
c134fe10701323f9156b587ac5cf38b1f3a59b651780a8fd7f68e362e0ba533f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C134FE10701323F9156B587AC5CF38B1F3A59B651780A8FD7F68E362E0BA533F"
Last-Modified: Wed, 01 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Thu, 02 Feb 2023 19:36:43 GMT
Date: Thu, 02 Feb 2023 17:56:28 GMT
Connection: keep-alive
happy-u.vip/bgv1/sounds/spin.mp3
404 Not Found 356 B URL HTTP/1.1 happy-u.vip/bgv1/sounds/spin.mp3
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b66e6f0ecf0d633b6903e32cbfe6e508
20d4bdc60dd1620ae85c5f4f44caaf7c683d4a0c
7abb22430ad4b8baa1924f4b4e415def19bfca9e7acc1efdd6b4f11036da8097
Analyzer Verdict Alert fortinet Phishing
GET /bgv1/sounds/spin.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://happy-u.vip/bgv1/
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 17:56:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: NBF06E08E0VD2JEB
x-amz-id-2: JLTFXshkq9Wy7RR6Y0+I9lXrTS3zwieiLe5txkAK33dkOH00F8lJGKBp1ijUxsWUBkzQ8HPonHc=
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BXVVjeuSQqHMnm91nsdxK71h7eycJrX0pV7aROwYjsZkuKy6KsA95a6RpLlvhe4bBPqGDpVfYsgWq87dcE4jFt8EeTgvDxRFz4xZoIFqvkLrfaMCXPLnwZuZk%2BaUg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7934cdbce832fac0-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a38fab9935d471e375ef640d6ac4e667
017ff26d808eff453da628e880e04ce6beee3654
7e1b3c60cd7d45623686b73da1d2f6c92b7de281691b2ae5700da4728b8967ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E1B3C60CD7D45623686B73DA1D2F6C92B7DE281691B2AE5700DA4728B8967EF"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3198
Expires: Thu, 02 Feb 2023 18:49:46 GMT
Date: Thu, 02 Feb 2023 17:56:28 GMT
Connection: keep-alive
happy-u.vip/bgv1/sounds/alert.ogg
404 Not Found 357 B URL HTTP/1.1 happy-u.vip/bgv1/sounds/alert.ogg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 67c6a844ba118a0e874b37673e7d2d4f
3708f11363858e3631129dbb2e2d2b99485e40ce
4a7a0bc7fba4412953fbf9f46141cc37f1834cbb75c9c9a2e3d64b9ef944cd71
Analyzer Verdict Alert fortinet Phishing
GET /bgv1/sounds/alert.ogg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://happy-u.vip/bgv1/
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 17:56:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: NBF47Q3CHEJX2Y64
x-amz-id-2: j2nMEB93RqQ0o+zVw2/eCd52OZUHH/rQLguHJqYMu4egvBYxKv3aoDm4jbad/g7L7s35gYYcDA4=
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=si8dcsPSwnkIw78t0m10D7stMXsGSW4Fen3xDBRJlCkLeRm%2FqLDB2i0ievc0ui%2FY5UATuPvrsJGk2fi4WiIocDQwYR1%2FfZNAxct6ACFH8P0f%2FqGSQ%2BINFaa4PqgsRw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7934cdbcd89f0b51-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9327
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 17:56:28 GMT
Connection: keep-alive
happy-u.vip/bgv1/sounds/win.mp3
404 Not Found 355 B URL HTTP/1.1 happy-u.vip/bgv1/sounds/win.mp3
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e93474801d965128d98e487e2fa6210d
4949988fa4d80356727dd4f48d0e348a1c593d40
4a1ac36ff2654d7f569b6b19e357556f5589c377f020ed9ae2300512980a3d74
Analyzer Verdict Alert fortinet Phishing
GET /bgv1/sounds/win.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://happy-u.vip/bgv1/
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 17:56:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: NBF0JZZ9BPR1QKH4
x-amz-id-2: 3HW3MZc5hGWsxzsWuunqPk5hrCD1B2z6CkyrQXrJVkSzZzOS9ZXGk1qAHB8itQ4d0JwcZV6qeMg=
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxHnwYsYaz0wra%2BVADWoLT4nOX1Vjb%2FrXo9k5ccb8ckit0K8z3i02GI2ay8oJIyBBJZkrO6LFbdaEviHa7fa0pWI02a695lcbJE3mho1mxYOvjbR2vu3%2FsY6eaFb7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7934cdbcdf84b511-OSL
alt-svc: h2=":443"; ma=60
unphionetor.com/vctx?t=74797
204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=74797
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=74797 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 17:56:28 GMT
access-control-allow-origin: http://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 30a414e111bfd188711807246094106d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 0ee5b16a991598f5e5873021f6b1231a
a17f9267eb4ea0f5d9c348ea16a91f1bcaf42f1f
ee621500464e573168aa29156f694a8dbb7e5b7d7e01403bb50606f5a47f733b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113312
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:56:28 GMT
Etag: "63db10ec-118"
Expires: Sat, 04 Feb 2023 01:25:00 GMT
Last-Modified: Thu, 02 Feb 2023 01:25:00 GMT
Server: nginx
Content-Length: 280
happy-u.vip/bgv1%2Fcss%2Fs.css
200 OK 16 kB URL HTTP/2 happy-u.vip/bgv1%2Fcss%2Fs.css
IP
Hash 7d7064fbbe0639ec3ff4a958e26231fb
a06e697ce8d622d113d60fa742a7d78a3620da73
aa32cd0bd87f0bf687c5d1052503b106926c45f0b9d1d7d268c3c1fd06b6da97
GET /bgv1%2Fcss%2Fs.css HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: text/css
x-amz-id-2: +u4Pq1F9vtCgaufLUEmm8ZRmj/BRUAE8Igv7yXZfmfdZ123pavpZ4GuRvh6A0SMrH2Zfpjqnoso=
x-amz-request-id: HBD9GW9VMSZW0RBX
last-modified: Tue, 14 Sep 2021 10:23:04 GMT
etag: W/"26557b7cc6a3228ebc4b17921ad44ea3"
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPwCJTIkoeqTVgrUY1XvHfzQgluSCjFY%2BGw7gwBrWyWK5x3Uh8GLsDQ8fVNUCdZB9niRE6ARru%2Fg%2BljmFcVfn3rqE%2BUisjZRhh4eyKtVMdwFfaJwW8sszfKpZXBHGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdba6857b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/bgv1/sounds/alert.mp3
404 Not Found 357 B URL HTTP/1.1 happy-u.vip/bgv1/sounds/alert.mp3
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46793adec1e69892c7552eeafb1258e9
9e204b907334009079d1bf32fbef6a32e406e98e
048566e3f32def3c88989294047d7056b2d64c4d52e99c9f5e942be36847fbd4
Analyzer Verdict Alert fortinet Phishing
GET /bgv1/sounds/alert.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://happy-u.vip/bgv1/
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 17:56:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: NBFE6PFDWCRW3WW3
x-amz-id-2: 3QYd8GI+cXfckxVQZ0ZmM0BiRuKU4A52ZiHFzjiSA0JlUR4ktiptONgwq3oj0PDF1JxCfpQQG0E=
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjOmf7JZYsqL8tBXV3w7lcjlAB4Hlkj%2BHG7wtV2atmEHO0wb3b93dP%2B8SCYfgakH2Ay2ZvV5z0LEoPZIWjzwaL4x5R0nuMe1sQb3fblgT5R3wPVmCQICbUvPdPVP7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7934cdbd88b6fac0-OSL
alt-svc: h2=":443"; ma=60
notix.io/settings?appId=10044f74f614078bbe1e394a55f7e43
200 OK 92 B URL HTTP/2 notix.io/settings?appId=10044f74f614078bbe1e394a55f7e43
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 418cfd3f4f2183761c35028cf1636c30
d73501e798b75ec1e9c259d3284f4fcde2267f7a
473759afeea2324f27fad63787eefdef24cde70ae23574326b68a3dd5216fd46
GET /settings?appId=10044f74f614078bbe1e394a55f7e43 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://happy-u.vip/
Origin: http://happy-u.vip
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:20 GMT
content-type: application/json; charset=utf-8
content-length: 92
access-control-allow-origin: http://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=74797
204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=74797
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=74797 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 17:56:28 GMT
access-control-allow-origin: http://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 91a6cbe7236afd6f6ea7d555b8f94c46
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6a83f1cda10b24856cd1be686e5cff48
9176a8eebc8d2457d201e195da4c4f76688f5a16
9cb7ea8c3301debfe14b8f13ee01254c080238169ba13f0c030ea870d36c70cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CB7EA8C3301DEBFE14B8F13EE01254C080238169BA13F0C030EA870D36C70CD"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17853
Expires: Thu, 02 Feb 2023 22:54:01 GMT
Date: Thu, 02 Feb 2023 17:56:28 GMT
Connection: keep-alive
notix.io/event
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://happy-u.vip/
Origin: http://happy-u.vip
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:20 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://happy-u.vip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
notix.io/event
200 OK 15 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 63
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:20 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: http://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
deefauph.com/zone?&pub=0&zone_id=4188429&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&dsig=&action=prerequest
200 OK 0 B URL HTTP/2 deefauph.com/zone?&pub=0&zone_id=4188429&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&dsig=&action=prerequest
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=4188429&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:28 GMT
content-length: 0
x-trace-id: 74a5eab1baf94cb305bfe622ed68210f
access-control-allow-origin: http://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=f71017d58f7dc15674b0bce93a8d7970
200 OK 0 B URL HTTP/2 track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=f71017d58f7dc15674b0bce93a8d7970
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/606dc316bd12e800113ca177?lander_id=f71017d58f7dc15674b0bce93a8d7970 HTTP/1.1
Host: track.landerlab.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:56:28 GMT
content-length: 0
cache-control: no-cache
set-cookie: worker_cookie=N4Igdgpg7g+gFgSwC4wQExALhAYwEx4BsAnIQIxkC0ADIWgCyX10BmlxOARgOzt4CGnfi2LEAHCzQQQAGhAA3BAGdkqDNmL8GOYgMosCYpt26N+eMWnbcArDltoAzDhZixshctVIEAWwhKSPy+AA5YIHjUeI40eLEAKmTcmDaEmBYAdMzcAFoeiipIAPYATmrhjtxiEPT89JyUVdSM9BBk/NZiOJQu/PxiwvRi9GSEHjjBIfwIAOZg5diEtGg4jqOcaGR4EGLU1BTO/EncHmBFUjA4cNNgWADaALpyyjCQUFgs/AA2ShAAvkA===; Expires=Fri, 03 Feb 2023 17:56:28 GMT; Domain=track.landerlab.io; Path=/; SameSite=None; Secure
__cf_bm=dO2CuVIxV.P4J6NWx4_P5wwgV6hWGl_7OUCNq37j6FI-1675360588-0-AXqCebLBuyUbavaZr9EN4btIsxWAMhlBzc3qM4JMfvqOSD+wt3KWRP5KtnBTUQAMkYF4XHaZqk9hwYmVfoiRIZQ=; path=/; expires=Thu, 02-Feb-23 18:26:28 GMT; domain=.track.landerlab.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934cdbdd90dfac0-OSL
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=74797&bid=undefined&aid=undefined
204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=74797&bid=undefined&aid=undefined
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=74797&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 17:56:28 GMT
access-control-allow-origin: http://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f161ddeca1de80f035904db61b7d107a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=74797&bid=undefined&aid=undefined
204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=74797&bid=undefined&aid=undefined
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=74797&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 17:56:28 GMT
access-control-allow-origin: http://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 9a861043c55b2a00620810bd3cf1d63f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: o4un+MGiRuMP2CSWt/pbpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yS9XFHHVEymYG5PNwigzPGW1Rc4=
my.rtmark.net/img.gif?f=sync&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a&ttl=&rurl=http%3A%2F%2Fhappy-u.vip%2Fbgv1%2F
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a&ttl=&rurl=http%3A%2F%2Fhappy-u.vip%2Fbgv1%2F
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a&ttl=&rurl=http%3A%2F%2Fhappy-u.vip%2Fbgv1%2F HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3a41ac694b87460da4e06d721898945e; expires=Fri, 02 Feb 2024 17:56:28 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
notix.io/event
200 OK 15 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1233
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:20 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: http://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
happy-u.vip/favicon.ico
404 Not Found 268 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a15db524d42cca816cbe5f016ead4faf
3ff346d2c2f82ba3cd2b3857e3f5bfa317e3f4b8
75c73d2ef460abc66df59a8d2d618d2e508d883c62508a6cdb4c26533f24a763
GET /favicon.ico HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://happy-u.vip/bgv1/
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 17:56:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: NBFB10YPRF5JYM41
x-amz-id-2: wngxXqUip0uZrKi6rLvnb+25EyPJ9zVOs3aktEh9JcyzV4xuMsLqoLp3VQCjhdUsezVWT2NNJvw=
Cache-Control: max-age=2592000
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQXVLOsr2niszxSLqCzUJ3x3Aold1EVVgg8sIaNlrGpv%2FQiUcS3yAES96g0QXDDOwB3BMl0cfkQw4Bpqclu4MrmJOKw0ZDRkuvnF%2FxPacEamMosKBxsePnAJ0%2FWi0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934cdbf19f4fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
notix.io/event
200 OK 15 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 68
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:20 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: http://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9290
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9290
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9290
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9290
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9290
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:56:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 38422
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: f47f7616-41aa-4983-8ada-20f6f0b6856b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frfXtHkUoAMFr1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadf64-083a903959cdab540bd38265;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:53:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UqoeSWse0jZAC3IEIWk5fj9q_4xsAoZRkn67U4m2L5NkayHxsAYmlA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:35 GMT
age: 71755
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 70492
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 70492
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 70492
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b91a1323efe4b01a2d1a2e8485117934
43d04a554f6ef512e7b21ac09287efc0e4e5efee
393e3ab81aee9fda022d06c25789be66e56aaf56f81b0514ab5dfec445087bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd8c5ba-bd1b-4dda-ae36-680f02b388f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10807
x-amzn-requestid: 9fff89ce-35f7-4b09-b766-6e65b4586c10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ5PHm7oAMFdfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd07-0ed090976c8a74542e225f4c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Hhd99jugAUeT4SMDkgOSFkc9q5jWXE0qAq51OVq8ct4juyFrYH0IhA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 05:50:30 GMT
age: 43560
etag: "43d04a554f6ef512e7b21ac09287efc0e4e5efee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=74797&bid=undefined&aid=undefined&tp=3472
204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=74797&bid=undefined&aid=undefined&tp=3472
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=74797&bid=undefined&aid=undefined&tp=3472 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 17:56:30 GMT
access-control-allow-origin: http://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d65c45a799489e05d53f18e8f1d92b64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=74797&bid=undefined&aid=undefined&tp=3473
204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=74797&bid=undefined&aid=undefined&tp=3473
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=74797&bid=undefined&aid=undefined&tp=3473 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://happy-u.vip
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 17:56:30 GMT
access-control-allow-origin: http://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: c67a6509bc21cee5aa868d47a2e7d9a4
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
walter-larence.com/hp
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET /hp HTTP/1.1
Host: walter-larence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:27 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=74797
200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=74797
IP
GET /fv.js?t=74797 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:27 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8c6fc4f518c2e1d4b6249729e6e9b83e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=74797
200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=74797
IP
GET /fv.js?t=74797 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:28 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2494bf85513cd59ffce6074569e19cdb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
notix.io/ent/current/enot.min.js
200 OK 0 B URL HTTP/2 notix.io/ent/current/enot.min.js
IP
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:56:20 GMT
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 13:13:31 GMT
etag: W/"63da657b-13cb7"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
104.21.93.229
23.36.77.32
35.241.9.150
93.184.220.29
188.114.97.1
18.193.146.82