ckk.ai/cSWmeEZsm
104.21.83.50301 Moved Permanently 0 B IP 104.21.83.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cSWmeEZsm HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Feb 2023 12:34:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Feb 2023 13:34:01 GMT
Location: https://ckk.ai/cSWmeEZsm
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGZ40%2Bu02a8iSnqXnqexwBWXbdqHnmZgLBMCGZtOH%2BqfE1cgO6PV81kHCiqLemEYXAf%2BBoIkxQKLFRSYYJuN%2FJXDyPiPQ33HFwM2D3Ox%2Fw0Rk4OeQe3rXks%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796ca3066ab0b527-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4788
Expires: Thu, 09 Feb 2023 13:53:49 GMT
Date: Thu, 09 Feb 2023 12:34:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6680
Expires: Thu, 09 Feb 2023 14:25:21 GMT
Date: Thu, 09 Feb 2023 12:34:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 11:34:15 GMT
content-type: application/json
age: 3586
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2179
Expires: Thu, 09 Feb 2023 13:10:20 GMT
Date: Thu, 09 Feb 2023 12:34:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LZwIiIxyZ7CbsfhXMDQdpKWrTyL8yTx2kvBjiBCOZZfkvMhmC/44+T73MlTL6WZ+O0w7k++8oTQ=
x-amz-request-id: ZTM98M2D6EBEN6QG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 11:46:23 GMT
age: 2858
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7441375b858dcbf95d2e72bc056c47f9
2f53f2e6b0b442b97cbdbbe52ced54d133914075
6d5e3e935fa093660d57a4c6bd5bac01bad7c4d7bafa001abddd66cdcfa82e3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:01 GMT
Server: ECS (amb/6B86)
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 11:51:21 GMT
age: 2560
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Thu, 09 Feb 2023 13:40:32 GMT
Date: Thu, 09 Feb 2023 12:34:02 GMT
Connection: keep-alive
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eAni9v+yXiu8yo+LdowXzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vtHKL8NM11Tj7nmYVJwPH104zcI=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7441375b858dcbf95d2e72bc056c47f9
2f53f2e6b0b442b97cbdbbe52ced54d133914075
6d5e3e935fa093660d57a4c6bd5bac01bad7c4d7bafa001abddd66cdcfa82e3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:02 GMT
Last-Modified: Thu, 09 Feb 2023 12:34:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 51 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 538b74ce585fdb09b4c735f0c7afb288
531377bf628909ee17dadc9d041c6ab5c694f250
be3488874187c5828755632452bf7ad503a038eed1d820837b571a87c77605bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F93FFCB42C96A92C9550893F17318B0B971E53E1D738B28435C59474E0BA50B8"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15367
Expires: Thu, 09 Feb 2023 16:50:09 GMT
Date: Thu, 09 Feb 2023 12:34:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upgulpinon.com/1?z=5324394
139.45.197.242200 OK 7.4 kB URL HTTP/2 upgulpinon.com/1?z=5324394
IP 139.45.197.242:0
Hash 93e46736c2f098153dc8f3b599aba007
fab6d44506a7e4e497271959fb80b606e5fc7fa2
8938e93a7f724922ba0c95e674f4f75b871f13ab03b74bdd05b0d747932bc2bf
GET /1?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:02 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 2f40e4595af5731dbcc2e9c908a90a14
access-control-expose-headers: X-Sc
x-sc: 5hIX7D8pgIioHPY-BeQSN54aBrxRyztIumFUbBDMFufPWHbFrSUhuXB7nxQHfVar71sCuzAxFBBfmCxIgYBEbeBx7LI=
set-cookie: scm=1; expires=Fri, 09 Feb 2024 12:34:02 GMT; secure; SameSite=None
OAID=bbd2ef225dca4c4aacb7d031531a1e20; expires=Fri, 09 Feb 2024 12:34:02 GMT; secure; SameSite=None
oaidts=1675946042; expires=Fri, 09 Feb 2024 12:34:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-113561579-8
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-113561579-8
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 03c3583150308afb3e7b0fb715f20c44
ba5dacf131015b43255aba9534b4302da7f83626
afbd6433a87e34d0304929e207b3a8e7e69db054194a72158b8a5870d3f093e8
GET /gtag/js?id=UA-113561579-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 12:34:02 GMT
expires: Thu, 09 Feb 2023 12:34:02 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c74e9f147de7d62e78277d819ede0751
627a1f1790ed308c084954f02edde1d8bc1f8cd3
ae5558becb7b757ec4c00f843f2bb67ae9e8c40524bf4ca0c48a1084570a13c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE5558BECB7B757EC4C00F843F2BB67AE9E8C40524BF4CA0C48A1084570A13C9"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8547
Expires: Thu, 09 Feb 2023 14:56:29 GMT
Date: Thu, 09 Feb 2023 12:34:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62e1c096261a63c6096a782c65b9e412
7641529b57d4975f50e17dd9f05e9d6e185d0a7c
d029d3962b5ed801b62caa64e5d2b402c657934b44860b21c43806c22a599f7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D029D3962B5ED801B62CAA64E5D2B402C657934B44860B21C43806C22A599F7B"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14498
Expires: Thu, 09 Feb 2023 16:35:40 GMT
Date: Thu, 09 Feb 2023 12:34:02 GMT
Connection: keep-alive
cdn.itskiddoan.club/apu.php?zoneid=5225632
139.45.197.236200 OK 30 kB URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5225632
IP 139.45.197.236:0
Hash cdd136df737716706c5070a691818563
256964a2691274a7d4f8bb358d1925d4c9f0e8a1
240fcf55f851c21c8b8881954648ec8e038503fd88d2fd052f371879046e562f
GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:02 GMT
content-type: application/javascript
x-trace-id: 03deeb09c81a185f694ed5d952e4490d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=a903784d5c9c48ae94624c1412a7f857; expires=Fri, 09 Feb 2024 12:34:02 GMT; path=/; secure; SameSite=None
oaidts=1675946042; expires=Fri, 09 Feb 2024 12:34:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ckk.ai/cSWmeEZsm
104.21.83.50200 OK 100 kB IP 104.21.83.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63100), with CRLF, LF line terminators
Hash fd6643e9c32ef04922a039649b6b9125
d7cdea779f71154ab7fe82dbdd71036ef0256fa5
ee8ed0a80842ef98d5d11f3c22d060b462e926ac2387f335c36db31a054be904
GET /cSWmeEZsm HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:34:02 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=83e0569756c2ed4214c41801bf746fe9; path=/; HttpOnly; secure
refcSWmeEZsm=ZGQwZGVjYWZkNmRjZWM1MGM5N2I0MDExMDcxZjQ0ZTU5NWRhZGIxZmQ3NjU2ZDFiMmQyMzc0NjNmYWEzNmRiMJLPAPKMLD1vbr119ficlwz%2F5EIkZIcIeVNdxLTzu6Kk; expires=Thu, 09-Feb-2023 12:39:00 GMT; Max-Age=300; path=/; HttpOnly; secure
csrfToken=3bbf650fcc35347beb1395fded17765c62bdf8498a6c6be160d714d96483082469880a57e8f580988026f38f77149300fc25fbefa1ddf05e4e3caabee099e76e; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJrZ5nARbGTShSBZBhh7c3IYIpTr3F9tMgxmUvQ1yfvB0nqeS9aOqW0SSrp20vk%2FBGD%2BZifCp6sFF4jj912r7BBA5X27jJ4RRR2pTOseAtbjkCicXCPgg28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796ca308e922fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2
iclickcdn.com/tag.min.js
172.67.75.9200 OK 26 kB IP 172.67.75.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f962b5d54518d04e24eabd6900065ada
718e8b233e3741fb9c89408734f0b7c76692887b
3c97a0d349787f5d3b90536ca79b4faf2bb6bdda357ed03173a0a1dfc9c88256
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:34:02 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 7fc0fa052d002511edc61367452a0154
cache-control: max-age=86400
last-modified: Wed, 08 Feb 2023 13:50:40 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 10 Feb 2023 07:14:54 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 19144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLfWJ19KZ1eD2sF5d2H6tQlOm8vq1K9d9Qlt3Tb7kF6wNsZcukJGaQBkGRqKoNQyesW1Ik7bNXrQR%2BfuWqNDr9s30urU1VMAttYdvNtkgUguZIIgVNO4JFEi8mIoH78%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796ca30f3e960afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c870022f76a19ae661adbbe5ebac68c1
91479e99e109e7cf5b2506f90aac6e89c4bf60d3
fd061980d6e4498c5c5529702297f81194ac5ce7a13bd04fd51d38e56a202177
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD061980D6E4498C5C5529702297F81194AC5CE7A13BD04FD51D38E56A202177"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6542
Expires: Thu, 09 Feb 2023 14:23:05 GMT
Date: Thu, 09 Feb 2023 12:34:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9795d2ebb2f66b63fb7f7a14fc56dcc3
886c13778b9c0bfa36c465cda7f07ab12832c45e
8f7b41ab9ddaa4430fe076b8eadd32a0c1969edce1fba49e843c78b43332472a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F7B41AB9DDAA4430FE076B8EADD32A0C1969EDCE1FBA49E843C78B43332472A"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2303
Expires: Thu, 09 Feb 2023 13:12:26 GMT
Date: Thu, 09 Feb 2023 12:34:03 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 2b94b285ef2ef34e4fcbe2615058dcc6
024314bdc9c166ac3ae74ea9a0649edd3c032e36
f0bfda8e9692002d9355bbd9fa323dd388d3383e548bc07acdd90067b7c73f67
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3456d80f174b47c596d8750e74a11510; expires=Fri, 09 Feb 2024 12:34:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 164cc99a45d9973bbddc37afba66b3a2
61d7d18b2f100c72502b196b0956522600ad45d5
e6d8a5cebdba9dde7e85be60aae94fafc9e09664bf97a4c44622cc2f62f0b274
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6D8A5CEBDBA9DDE7E85BE60AAE94FAFC9E09664BF97A4C44622CC2F62F0B274"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9236
Expires: Thu, 09 Feb 2023 15:07:59 GMT
Date: Thu, 09 Feb 2023 12:34:03 GMT
Connection: keep-alive
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3456d80f174b47c596d8750e74a11510
139.45.197.242204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3456d80f174b47c596d8750e74a11510
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3456d80f174b47c596d8750e74a11510 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
forfrogadiertor.com/500/5533285?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/5533285?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5533285?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5b1b993523163323b6a569da7eb55c47
f0e6b63b23125aab1eb608664e58ecddfefb7dd8
ec0a03bcaa80fc111a90f16589e849b4e9ee9a89b084cc5caa30103361edff24
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:34:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 15:49:38 GMT
Expires: Wed, 15 Feb 2023 15:49:37 GMT
Etag: "f0e6b63b23125aab1eb608664e58ecddfefb7dd8"
Cache-Control: max-age=529533,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796ca312dcfe1c06-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1169
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 09 Feb 2023 12:34:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5403
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:34:03 GMT
Connection: keep-alive
upgulpinon.com/11?rnd=241588895&z=5324394&b=16692475&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA==&ruid=c154910a-010c-4b76-b9e0-ff71cc0ef40f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=267
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=241588895&z=5324394&b=16692475&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA==&ruid=c154910a-010c-4b76-b9e0-ff71cc0ef40f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=267
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=241588895&z=5324394&b=16692475&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA==&ruid=c154910a-010c-4b76-b9e0-ff71cc0ef40f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=267 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=3456d80f174b47c596d8750e74a11510; oaidts=1675946042
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 0b410ba8709fbb4124e515276681ca27
access-control-expose-headers: X-Sc
set-cookie: OAID=3456d80f174b47c596d8750e74a11510; expires=Fri, 09 Feb 2024 12:34:03 GMT; secure; SameSite=None
oaidts=1675946042; expires=Fri, 09 Feb 2024 12:34:03 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5403
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:34:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5403
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:34:03 GMT
Connection: keep-alive
bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.483.0
139.45.197.234200 OK 16 kB URL HTTP/2 bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.483.0
IP 139.45.197.234:0
Hash de817ace987388528a732420fc12995f
e73dddfb4e7463cfb32d5991e35ca7fc44e1a690
eb76e89b289ac3e178d80843d1488347c74285d9a5c4b69c362bd66ce1f894bb
GET /5/3491150/?oo=1&js_build=iclick-v1.483.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: application/json
x-trace-id: b4952ac682897d240a8b46c27a04a63c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8ab29e0bf83c41678faba9351d8d0b62; expires=Fri, 09 Feb 2024 12:34:03 GMT; path=/; secure; SameSite=None
oaidts=1675946043; expires=Fri, 09 Feb 2024 12:34:03 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 403cadd5f6beb14f5d2a4dd9eafc68d3
4724b4929c1afcc134ead274238725e4ce729b26
13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:08:52 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 51911
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 087325c404f5b0b8e1bc800c167d6213
da37e1568089cf3536a8fe8304623694b7897326
a21b9844ebaac9fb408fc4d557badfbff0715cee7b5f3c8b9c628cdd1286dbe6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4928
x-amzn-requestid: 6f2d290e-118c-47f8-9804-440b6fad05e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f86gZEhHIAMFX5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1d79b-3bac9dcf09ea66fc4f04abbe;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 04:46:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wctSz3UwyRPsJCr9NfQDidMAMn0Wl13VP2Jt0C1nfVFKqKqiDnu_nA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:20:58 GMT
age: 51185
etag: "da37e1568089cf3536a8fe8304623694b7897326"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: c3dabd4b-797b-4bbe-8824-5f502ff477b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2aG-IoAMFfnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf5-68de905b2ed5bfe46a87e688;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AX-TsURes3Bn0RrAnH7TnsouJdkcOpbq7f7KAzPMWq4RMBH8FWMz7g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 17:45:22 GMT
age: 67721
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea55fd1053c19123cb789a7d14479ccc
45fb06a6feeceff6a06c8c3f37e259ddf6e09820
393290f5ec8379a09da72b2554c30023b688489ffda79f5edfe6f114250ee4c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6061
x-amzn-requestid: cf552847-17d0-4820-9711-3fb129090686
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f8xbCG8jIAMF7Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1c913-0f2af41d6063340d483c3a55;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 03:44:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AhvgnN4mrezDRzaqcb-O0ZGyjW83OcyZd76sLZByQhZDzZgr8Mg-ZA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:15:18 GMT
age: 51525
etag: "45fb06a6feeceff6a06c8c3f37e259ddf6e09820"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa8bb3f20238f62a7a6ebb5d0985192a
f6b3839bfb0cf51d63e9eff2de402495906cd19b
db5ad61fdd000a13b6c8952d1614a6ab18e5f7104270d6471df96f773dacf4e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ead57d-06ef-4e5b-9d45-4c0ed94ff0f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 92d41e06-632b-43f9-828e-268bc024875c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiGuESYIAMFc_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e416f7-599e0f7d327a69921d447f7e;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:41:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TmpAb020dGk7SOXJ2WUYrxIIffsiW9ARYcdeEAwJuq_dtq-jJS-z4w==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:59:26 GMT
age: 52477
etag: "f6b3839bfb0cf51d63e9eff2de402495906cd19b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4d1dca32e3545ac56e41b5b595ad3dd1
72a19cb29c537f3fe7167ef285eb1f5211e3c08a
f875e38df46822a20c6d5aab4eea973c86e7a253d724e73c94dd485e14b474fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Feb 2023 11:44:09 GMT
expires: Thu, 09 Feb 2023 13:44:09 GMT
cache-control: public, max-age=7200
age: 2994
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 584 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 1c85a36998a092d37c3b8ce77bfe8f0e
ed157ea89b61501303c4cab5078676be9ecaa2f9
693af892a5ec0e0c91ecb568effdace49dac9fe828242cce46776dbeb8270967
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 09 Feb 2023 12:34:03 GMT
date: Thu, 09 Feb 2023 12:34:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8e3ec475877428c46de780de03e5723
15c1af0070737e09ebab5b8838a79492ee6d44d9
f552133c0d876ccd11388354747848f8f75b9783282dfd432f6f594384a878ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F552133C0D876CCD11388354747848F8F75B9783282DFD432F6F594384A878CE"
Last-Modified: Tue, 07 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5757
Expires: Thu, 09 Feb 2023 14:10:00 GMT
Date: Thu, 09 Feb 2023 12:34:03 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.211.2200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Feb 2023 12:34:03 GMT
expires: Thu, 09 Feb 2023 12:34:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10505360999799301391
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e37dc31edee8f8b6cc4af35a9c65cb69
b02a50ac826fd43647ad063fb6a11c83db9b9317
81cb8d491f9d622da335d720890ae9ee0825a798febb968c2612b6df945a4e9b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3712
Cache-Control: max-age=135283
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:03 GMT
Etag: "63e4472e-118"
Expires: Sat, 11 Feb 2023 02:08:46 GMT
Last-Modified: Thu, 09 Feb 2023 01:06:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4d1dca32e3545ac56e41b5b595ad3dd1
72a19cb29c537f3fe7167ef285eb1f5211e3c08a
f875e38df46822a20c6d5aab4eea973c86e7a253d724e73c94dd485e14b474fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
offerimage.com/www/images/b89a854cfb66584b3f5fef24e571e8b5.png
104.22.32.172200 OK 93 kB URL HTTP/2 offerimage.com/www/images/b89a854cfb66584b3f5fef24e571e8b5.png
IP 104.22.32.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash b89a854cfb66584b3f5fef24e571e8b5
9bb5f94bcc641c8cfbc2e24f0a2af5bd07a3a1ea
7228a1274993f4e608b4f0952b2197db136917df3d8ae95ea16a9a34769945e7
GET /www/images/b89a854cfb66584b3f5fef24e571e8b5.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: image/png
content-length: 92662
last-modified: Thu, 03 Jun 2021 06:45:06 GMT
etag: "60b87a72-169f6"
expires: Fri, 10 Feb 2023 04:09:33 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 30267
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 796ca315ebf00a1d-ARN
X-Firefox-Spdy: h2
oaphoace.net/500/5292343?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 oaphoace.net/500/5292343?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5292343?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/84/41/db/7cdd020415d52bac4f03e7e7b0/0315703759395.jpeg
139.45.197.155200 OK 19 kB URL HTTP/2 interstitial-07.com/contents/s/84/41/db/7cdd020415d52bac4f03e7e7b0/0315703759395.jpeg
IP 139.45.197.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 256x256, components 3\012- data
Hash 8441db7cdd020415d52bac4f03e7e7b0
dd8305ab27ab5b7ba4106f4305f601c9941e1efa
d14055e7d300e4f05156c45b09ee102df80e71e58607cd441e68e99b371d3c22
GET /contents/s/84/41/db/7cdd020415d52bac4f03e7e7b0/0315703759395.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1611131264%26z%3D5324394%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc154910a-010c-4b76-b9e0-ff71cc0ef40f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FcSWmeEZsm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: image/jpeg
content-length: 19059
last-modified: Tue, 09 Aug 2022 07:56:56 GMT
vary: Accept-Encoding
etag: "62f21348-4a73"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e83067c0c795bed78add8c708c67bc1
e49eee3e6e981059ca45bf221c737a62fcc6c733
77ba152a3d31c045d85bd9228a580503ea930935ed37e5e56ba7baa6b6aa3b27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77BA152A3D31C045D85BD9228A580503EA930935ED37E5E56BA7BAA6B6AA3B27"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10437
Expires: Thu, 09 Feb 2023 15:28:00 GMT
Date: Thu, 09 Feb 2023 12:34:03 GMT
Connection: keep-alive
interstitial-07.com/contents/s/70/5f/88/69b97bfaaaf73fff119f88c88a/0699379061565.jpeg
139.45.197.155200 OK 46 kB URL HTTP/2 interstitial-07.com/contents/s/70/5f/88/69b97bfaaaf73fff119f88c88a/0699379061565.jpeg
IP 139.45.197.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 492x328, components 3\012- data
Hash 705f8869b97bfaaaf73fff119f88c88a
68635b1fa3d363472b016b8653fb4676b1a0f226
12cb0e656fef9d32c5c7090b8db69914af5a11207314cb3c5c9e7af18fbfed83
GET /contents/s/70/5f/88/69b97bfaaaf73fff119f88c88a/0699379061565.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1611131264%26z%3D5324394%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc154910a-010c-4b76-b9e0-ff71cc0ef40f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FcSWmeEZsm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: image/jpeg
content-length: 46345
last-modified: Tue, 09 Aug 2022 07:56:53 GMT
vary: Accept-Encoding
etag: "62f21345-b509"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
interstitial-07.com/?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1611131264%26z%3D5324394%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc154910a-010c-4b76-b9e0-ff71cc0ef40f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FcSWmeEZsm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.155200 OK 166 kB URL HTTP/2 interstitial-07.com/?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1611131264%26z%3D5324394%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc154910a-010c-4b76-b9e0-ff71cc0ef40f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FcSWmeEZsm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1579)
Size 166 kB (166517 bytes)
Hash 52e4a9519fac190df1241fccadd05151
57ee2a7f4b0689685fb60fc4d0f4a87cae343678
e4555047ce5dbb907fac2867cb63a0dd40eb021063398f1efb96db0bc74da82a
GET /?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1611131264%26z%3D5324394%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Dc154910a-010c-4b76-b9e0-ff71cc0ef40f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FcSWmeEZsm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=3fmV_xyeETurD0y-sxnE9SmpDZ_n8IKqWMIEFrzpeks; expires=Thu, 09-Feb-2023 13:34:03 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:34:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 12:34:04 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: dd0146fcbf1357840e6aa2cfb33f4584
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=241588895&z=5324394&b=16692475&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA==&ruid=c154910a-010c-4b76-b9e0-ff71cc0ef40f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=241588895&z=5324394&b=16692475&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA==&ruid=c154910a-010c-4b76-b9e0-ff71cc0ef40f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=241588895&z=5324394&b=16692475&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_MfmtOMAWgpVOJ54305NXX1Qqb5uG4tWU0ygQF4JutOvv-03_2gp0PpPX2O2mQlSWUyPME1RT2SPMYEBYrgQFc0tTulcHeqCTeEZms1MlYXqRnNwozpCwugFsAi-ADpX9iiKwyKqbFruSksrHH3SQD2ep_bdIWWBUtoTvPWDs65qU_cokvFRw0CIdPRogN_e9iNd5gCK9ILxHih_xs38LlUPcdXSEutFUMgSy0VFrD7Yex0KohwRdaeE8ppeV7jiWFGe7cVSCVbr2_LCffHKXpXk48KIcmFEAgtj8DorWou7DSp66dOKEA_q9MdkNr_oiSIk5fAQldDmYAgi_Rb9HVoKpeUVOfSAReCKHhitRRBhxr-hZfyUsJZclZ0ntZtCsIJe8c6AkjXRYHClHFxC3i7s_tvRxGPKuMkBp4M2KTKoPwunBL4OR3tUMxtLFsukgC246_W3X_zkkqSjIKvT9sEgYZrQ_AtMrvmfy2ddDzMLqrt-p5nGSFQmfL-o42XIVOZh-QHUHvusqNoe2WGP8LevAxMkKRuvNsLA5GE6tK1Mt2ynjBr3AMRLvq0YTt48fEHRzO8bE-aGIQ1ygay7pxzbNqm21JW8hLTXkTd3XqmW7aEHi4kiU0yxDnRggoiv5Myk1qx3iyXDdJWUI1hHyj-cqawqA8FFhQ1HdSlpccuJxBSkZ8I9qPNrgNsM3D60sCzGGuG3-4JgAQugS8br-COsE-9vU5-ssUeJ0DHSQby4OxyyqAyrKA==&ruid=c154910a-010c-4b76-b9e0-ff71cc0ef40f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=3456d80f174b47c596d8750e74a11510; oaidts=1675946042
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:04 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 9c85274a34cc5c9229a2561048a5b4de
access-control-expose-headers: X-Sc
set-cookie: OAID=3456d80f174b47c596d8750e74a11510; expires=Fri, 09 Feb 2024 12:34:04 GMT; secure; SameSite=None
oaidts=1675946042; expires=Fri, 09 Feb 2024 12:34:04 GMT; secure; SameSite=None
oaidvc=1; expires=Fri, 09 Feb 2024 12:34:04 GMT; secure; SameSite=None
CNT=1_v1_-7T-AAEAAADFS4A_; expires=Thu, 09 Feb 2023 13:34:04 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 12:34:04 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8c69cd64ec22e38b75dba39f4817f9b7
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
offerimage.com/www/images/fc3eac23b13db35cc738432f8dc6221f.jpeg
104.22.32.172200 OK 13 kB URL HTTP/2 offerimage.com/www/images/fc3eac23b13db35cc738432f8dc6221f.jpeg
IP 104.22.32.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash fc3eac23b13db35cc738432f8dc6221f
e58b72cbeacb2b24b409a28a645c1f075beb205c
c0ecd34edc6d52a07386d82b7e252b7bcb53191a05e05b127b7c96300c527d35
GET /www/images/fc3eac23b13db35cc738432f8dc6221f.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:34:04 GMT
content-type: image/jpeg
content-length: 13417
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62727ea7-3469"
expires: Fri, 10 Feb 2023 09:34:36 GMT
last-modified: Wed, 04 May 2022 13:24:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 10762
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 796ca3183e8e0a1d-ARN
X-Firefox-Spdy: h2
oaphoace.net/impression/wOU_M0tHJ_ol1eVCEWHGj8V1VM223PaPvtFILbgFQzAtjmtPF50XSdzP9XYmVSwmKmwinHqOin8TvqB3mipFc4JfNed6eSrTVc4-vhX5_WfjlwAdmOsnObm_lE46S68zVnVEy9PuMf8i4l-GNFgw2j1YOU2NDd3GgdqGYTkwHqF1e66OYG39uKrQAv9zYGCHyLkrsY1zc00Nwhv8o7DpGi7Wz6tzb5i5xS4UzgIOR2LSkfUBw7Y97MYxS0MVTIT-FFMbD3-DZLWrXzKaEkmyYZe9nYL78PqzNrNOzGLPjQhOvpHNKZeb5lMpR_53oM3wq84I7tIt39TKXhICZP203SmVMm1P-hMv01r5AaOVOY6bsZtzfdwLlzCYsr9LX7J82dxOZOVVJXdTNeUfG3hA1S7mvmC5LOpMc1FGAOe8GAm2I7Cbs2cKZO-C3wAyALwHGsrzPqVoSSdtbjhJwQlznQ1ASDAjhlknZiK3_rT3bK6FAhxNJUCsvy50clSaBm0zad0mST4yoq6CUJAkGaeR8KpqXElJWf6WCE8sfC3SdJhC7GwfhpJoao5zhTLv_OiCuIB80lWWjeC_d1AI8xSk4KG6CAQ=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 oaphoace.net/impression/wOU_M0tHJ_ol1eVCEWHGj8V1VM223PaPvtFILbgFQzAtjmtPF50XSdzP9XYmVSwmKmwinHqOin8TvqB3mipFc4JfNed6eSrTVc4-vhX5_WfjlwAdmOsnObm_lE46S68zVnVEy9PuMf8i4l-GNFgw2j1YOU2NDd3GgdqGYTkwHqF1e66OYG39uKrQAv9zYGCHyLkrsY1zc00Nwhv8o7DpGi7Wz6tzb5i5xS4UzgIOR2LSkfUBw7Y97MYxS0MVTIT-FFMbD3-DZLWrXzKaEkmyYZe9nYL78PqzNrNOzGLPjQhOvpHNKZeb5lMpR_53oM3wq84I7tIt39TKXhICZP203SmVMm1P-hMv01r5AaOVOY6bsZtzfdwLlzCYsr9LX7J82dxOZOVVJXdTNeUfG3hA1S7mvmC5LOpMc1FGAOe8GAm2I7Cbs2cKZO-C3wAyALwHGsrzPqVoSSdtbjhJwQlznQ1ASDAjhlknZiK3_rT3bK6FAhxNJUCsvy50clSaBm0zad0mST4yoq6CUJAkGaeR8KpqXElJWf6WCE8sfC3SdJhC7GwfhpJoao5zhTLv_OiCuIB80lWWjeC_d1AI8xSk4KG6CAQ=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/wOU_M0tHJ_ol1eVCEWHGj8V1VM223PaPvtFILbgFQzAtjmtPF50XSdzP9XYmVSwmKmwinHqOin8TvqB3mipFc4JfNed6eSrTVc4-vhX5_WfjlwAdmOsnObm_lE46S68zVnVEy9PuMf8i4l-GNFgw2j1YOU2NDd3GgdqGYTkwHqF1e66OYG39uKrQAv9zYGCHyLkrsY1zc00Nwhv8o7DpGi7Wz6tzb5i5xS4UzgIOR2LSkfUBw7Y97MYxS0MVTIT-FFMbD3-DZLWrXzKaEkmyYZe9nYL78PqzNrNOzGLPjQhOvpHNKZeb5lMpR_53oM3wq84I7tIt39TKXhICZP203SmVMm1P-hMv01r5AaOVOY6bsZtzfdwLlzCYsr9LX7J82dxOZOVVJXdTNeUfG3hA1S7mvmC5LOpMc1FGAOe8GAm2I7Cbs2cKZO-C3wAyALwHGsrzPqVoSSdtbjhJwQlznQ1ASDAjhlknZiK3_rT3bK6FAhxNJUCsvy50clSaBm0zad0mST4yoq6CUJAkGaeR8KpqXElJWf6WCE8sfC3SdJhC7GwfhpJoao5zhTLv_OiCuIB80lWWjeC_d1AI8xSk4KG6CAQ=?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=3456d80f174b47c596d8750e74a11510
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:08 GMT
content-type: image/gif
content-length: 43
x-trace-id: 8afc79f9416bdab6671a0369edc2fc46
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R_VDTHUaRhwthD0THsWg42L1OF7lZAX3ENsTfV0U7kkn9o0x-mQ_9g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 13:53:53 GMT
age: 81617
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oaphoace.net/500/5292343?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 oaphoace.net/500/5292343?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5292343?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=359b1583af144ea98985bfa125271f53
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:04 GMT
content-type: application/javascript
x-trace-id: 3d895b4e2284611d162a7a1be0086fc5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3456d80f174b47c596d8750e74a11510; expires=Fri, 09 Feb 2024 12:34:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
forfrogadiertor.com/400/5533285
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/400/5533285
IP 139.45.197.239:0
GET /400/5533285 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:02 GMT
content-type: application/javascript
x-trace-id: 4d5ee0c8942b0378e441506a7a1464ec
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=d3bc4a2a04004837817927a93aebcb42; expires=Fri, 09 Feb 2024 12:34:02 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
forfrogadiertor.com/500/5533285?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/5533285?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
GET /500/5533285?excludes=&oaid=3456d80f174b47c596d8750e74a11510&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=d3bc4a2a04004837817927a93aebcb42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: application/javascript
x-trace-id: a4b2be85c93e739119f9f0b6d689766a
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3456d80f174b47c596d8750e74a11510; expires=Fri, 09 Feb 2024 12:34:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=162111509
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=162111509
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=162111509 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:04 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 36fce8d9168c0625610f02bb23386a3e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.89.122200 OK 0 B IP 104.21.89.122:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:52 GMT
etag: W/"63dd36bc-43b7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bS5nXaITi2Xhc0oK9ZUTeIHLjW5F1AIxFuOHZ6xq99brXp35SFVkYM5AjiYhDGdZL8vmteSGx8P%2FNkrvGILr3hOqC8hYXYyzCnAGQNSJx16jXbZcdnawoz4QpCp5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796ca3111b04b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upgulpinon.com/27/90f7f588ad5892e2821c323c80d6c1b6
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/27/90f7f588ad5892e2821c323c80d6c1b6
IP 139.45.197.242:0
GET /27/90f7f588ad5892e2821c323c80d6c1b6 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=bbd2ef225dca4c4aacb7d031531a1e20; oaidts=1675946042
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:02 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Wed, 08 Feb 2023 07:51:08 GMT
expires: Wed, 10 Mar 2083 07:51:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
oaphoace.net/401/5292343
139.45.197.239200 OK 0 B IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5292343 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: application/javascript
x-trace-id: 778090ba4b90c1b210c737b8a9a9b4df
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=359b1583af144ea98985bfa125271f53; expires=Fri, 09 Feb 2024 12:34:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddoan.club/?rb=aARHoJ1u3xQAR_0M7BOoaY4fPESbOeAvLhEwshac8Z_U8_sHpXIk-q9AWjhiuEDaCPhWvNUGQZColMZABLo41iPuqFA5R36euDZ4TXJZL3duZ3VNc4cVT9BZy9whl2NHl9DuENPIM5HejJh6pxgWr9p0thuuvVWzUN9gkBbhJ_pWM7Rv1FvkBKvz-0VQ4Ju38o3JU9EB4eHAOTwQPpK1pfwQhW7z5SLi&request_ab2=0&zoneid=5225632&js_build=iclick-v1.484.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.484.0&bs=93a6db34-6f1b-419f-9e97-117c34135657&userId=3456d80f174b47c596d8750e74a11510&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/?rb=aARHoJ1u3xQAR_0M7BOoaY4fPESbOeAvLhEwshac8Z_U8_sHpXIk-q9AWjhiuEDaCPhWvNUGQZColMZABLo41iPuqFA5R36euDZ4TXJZL3duZ3VNc4cVT9BZy9whl2NHl9DuENPIM5HejJh6pxgWr9p0thuuvVWzUN9gkBbhJ_pWM7Rv1FvkBKvz-0VQ4Ju38o3JU9EB4eHAOTwQPpK1pfwQhW7z5SLi&request_ab2=0&zoneid=5225632&js_build=iclick-v1.484.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.484.0&bs=93a6db34-6f1b-419f-9e97-117c34135657&userId=3456d80f174b47c596d8750e74a11510&m=link
IP 139.45.197.236:0
GET /?rb=aARHoJ1u3xQAR_0M7BOoaY4fPESbOeAvLhEwshac8Z_U8_sHpXIk-q9AWjhiuEDaCPhWvNUGQZColMZABLo41iPuqFA5R36euDZ4TXJZL3duZ3VNc4cVT9BZy9whl2NHl9DuENPIM5HejJh6pxgWr9p0thuuvVWzUN9gkBbhJ_pWM7Rv1FvkBKvz-0VQ4Ju38o3JU9EB4eHAOTwQPpK1pfwQhW7z5SLi&request_ab2=0&zoneid=5225632&js_build=iclick-v1.484.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.484.0&bs=93a6db34-6f1b-419f-9e97-117c34135657&userId=3456d80f174b47c596d8750e74a11510&m=link HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=a903784d5c9c48ae94624c1412a7f857; oaidts=1675946042
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: application/json
x-trace-id: 803a0c5b6133a628dcf1935a69070379
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=3456d80f174b47c596d8750e74a11510; expires=Fri, 09 Feb 2024 12:34:03 GMT; path=/; secure; SameSite=None
oaidts=1675946043; expires=Fri, 09 Feb 2024 12:34:03 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 16 Feb 2023 12:34:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=2Hy3P7LqSO6gcGDWh0ZxFGk0ryxgJ4Oa7PdUkp6WHQGVp5T8n-Om1XiOmnhRPS8Bk8awON-HG97s1nGeQ1kv7M8Q2q8IqmhzRbgDGnhRbdJ8ZLscoEiFv67uIPz1UXWzB9hmg53WyBSK513f1-3zF7cxyjH_B9QNREsrZUSacHC0jVOJEZjrteCMkcZqv61nZaV3bOt5fagIfQtVYAw9pCbGl3BVqnsl&request_ab2=0&zoneid=5535659&js_build=iclick-v1.484.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.484.0&bs=3c4f5629-b757-49c2-aea7-7f5ec2442425&userId=3456d80f174b47c596d8750e74a11510&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/?rb=2Hy3P7LqSO6gcGDWh0ZxFGk0ryxgJ4Oa7PdUkp6WHQGVp5T8n-Om1XiOmnhRPS8Bk8awON-HG97s1nGeQ1kv7M8Q2q8IqmhzRbgDGnhRbdJ8ZLscoEiFv67uIPz1UXWzB9hmg53WyBSK513f1-3zF7cxyjH_B9QNREsrZUSacHC0jVOJEZjrteCMkcZqv61nZaV3bOt5fagIfQtVYAw9pCbGl3BVqnsl&request_ab2=0&zoneid=5535659&js_build=iclick-v1.484.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.484.0&bs=3c4f5629-b757-49c2-aea7-7f5ec2442425&userId=3456d80f174b47c596d8750e74a11510&m=link
IP 139.45.197.236:0
GET /?rb=2Hy3P7LqSO6gcGDWh0ZxFGk0ryxgJ4Oa7PdUkp6WHQGVp5T8n-Om1XiOmnhRPS8Bk8awON-HG97s1nGeQ1kv7M8Q2q8IqmhzRbgDGnhRbdJ8ZLscoEiFv67uIPz1UXWzB9hmg53WyBSK513f1-3zF7cxyjH_B9QNREsrZUSacHC0jVOJEZjrteCMkcZqv61nZaV3bOt5fagIfQtVYAw9pCbGl3BVqnsl&request_ab2=0&zoneid=5535659&js_build=iclick-v1.484.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.484.0&bs=3c4f5629-b757-49c2-aea7-7f5ec2442425&userId=3456d80f174b47c596d8750e74a11510&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=3ba264ffd6a04e598469a28b3d07a99d; oaidts=1675946043
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: application/json
x-trace-id: 16850c0d1ace9cedeebc4ad51c6c2bb1
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=3456d80f174b47c596d8750e74a11510; expires=Fri, 09 Feb 2024 12:34:03 GMT; path=/; secure; SameSite=None
oaidts=1675946043; expires=Fri, 09 Feb 2024 12:34:03 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 16 Feb 2023 12:34:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3456d80f174b47c596d8750e74a11510
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3456d80f174b47c596d8750e74a11510
IP 139.45.197.242:0
POST /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FcSWmeEZsm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3456d80f174b47c596d8750e74a11510 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 52
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=bbd2ef225dca4c4aacb7d031531a1e20; oaidts=1675946042
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:34:03 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: b13ff36ad1e142ea12fe462818a22da2
access-control-expose-headers: X-Sc
set-cookie: OAID=3456d80f174b47c596d8750e74a11510; expires=Fri, 09 Feb 2024 12:34:03 GMT; secure; SameSite=None
oaidts=1675946042; expires=Fri, 09 Feb 2024 12:34:03 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2