Report - happy-u.vip/bgv1?cep=X5dZ0I82xKJW3RWtCHFpCC4A2bGOjdYMsPORxAaGmEPxxGqmVPKz2VHPYAj4V8XDXdoINOAKNr1soGqsEhUMK6g20aV-DQSg23YFrm1Wwt81O6FbM7ECk8qzTQyDiMUlgUEHAykWZTLMmV99Sg1Imvg-JfN4EuklmfiJ6bb6Sx1VwSSuI69IiccipPVIGZaetzTkurkIqXB1wcltjsEQ-D1_T6FxS5JQyvkKGeXYunqzVL3WI5Z3yUx1fbNZQVCY0vx--ZqC43Xf2_2bPFoEW0W-12l916Bpi7J9X2gvOzX4pSgAgZ8vXbjAfTt7KlgO_HQHpZcSgjlawJCFNEa5nuTKGw6kh8iZ1JwgvreCT6lZ98M6WmIvranEz3-9oSP2JUO8aWz-X-ydvLf2W3voRg&lptoken=16df852c470a85cd025d

Report Overview

Submitted URL
happy-u.vip/bgv1?cep=X5dZ0I82xKJW3RWtCHFpCC4A2bGOjdYMsPORxAaGmEPxxGqmVPKz2VHPYAj4V8XDXdoINOAKNr1soGqsEhUMK6g20aV-DQSg23YFrm1Wwt81O6FbM7ECk8qzTQyDiMUlgUEHAykWZTLMmV99Sg1Imvg-JfN4EuklmfiJ6bb6Sx1VwSSuI69IiccipPVIGZaetzTkurkIqXB1wcltjsEQ-D1_T6FxS5JQyvkKGeXYunqzVL3WI5Z3yUx1fbNZQVCY0vx--ZqC43Xf2_2bPFoEW0W-12l916Bpi7J9X2gvOzX4pSgAgZ8vXbjAfTt7KlgO_HQHpZcSgjlawJCFNEa5nuTKGw6kh8iZ1JwgvreCT6lZ98M6WmIvranEz3-9oSP2JUO8aWz-X-ydvLf2W3voRg&lptoken=16df852c470a85cd025d
IP
172.67.216.132
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-30 19:59:07
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
24
Threat Detection Systems
5

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-30	330 B	963 B	104.18.14.101
notix.io	14765	2020-08-20	2020-08-20	2023-05-29	406 B	91 kB	139.45.240.92
fbrewards.com-sna.pw	unknown	unknown	2018-05-05	2019-04-28	797 B	0 B	0.0.0.0
walter-larence.com	208176	2019-03-14	2019-03-30	2023-05-29	395 B	591 B	18.193.146.82
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-05-30	1.0 kB	1.9 kB	139.45.195.8
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-30	340 B	887 B	54.230.80.227
unphionetor.com	54035	2022-02-04	2022-02-11	2023-05-30	1.3 kB	2.1 kB	139.45.197.236
ciscobinary.openh264.org	40822	2013-10-19	2014-10-07	2023-05-30	295 B	512 kB	62.115.252.113
deefauph.com	135892	2021-03-12	2021-03-12	2023-05-30	972 B	16 kB	139.45.197.251
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2023-05-30	513 B	1.2 kB	35.244.181.201
happy-u.vip	unknown	2019-12-18	2019-12-18	2023-05-29	16 kB	265 kB	172.67.216.132
cdn.countryflags.com	459219	1998-08-06	2017-01-30	2023-05-29	470 B	2.8 kB	104.26.14.30
assets.landerlab.io	484499	2019-07-03	2020-11-05	2023-05-29	414 B	9.2 kB	54.230.111.125
propeller-tracking.com	187053	2020-04-14	2020-04-16	2023-05-30	408 B	3.7 kB	139.45.197.240
track.landerlab.io	818681	2019-07-03	2021-07-23	2023-05-29	460 B	890 B	104.18.17.6

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-05-30 19:58:45	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-30	medium	com-sna.pw
2023-05-30	medium	com-sna.pw

ThreatFox

No alerts detected

Files detected

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.113
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

Detections

Analyzer	Verdict	Alert
VirusTotal	0/60	VirusTotal -

JavaScript (16)

	URL	Size	First Seen	Last Seen
	unknown	214 B	2023-04-11	2023-11-19
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-11 23:58:24 Last Seen2023-11-19 09:08:37 Times Seen63 Hash c2da4023660d68639d0036209f03f59a a3ff34a05914db641987a3e4010fc2ffa9e54c1a 1849998ac01b01beb06ac1c73d08f664318b0ccf335d69d8a0fe2649b530cd4b Loading...

	happy-u.vip/bgv1/	204 B	2023-03-07	2023-06-18
Pretty URL happy-u.vip/bgv1/ IP 172.67.216.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:56 Last Seen2023-06-18 01:29:09 Times Seen91 Hash 857d6ed8c0e2504cfe6fe7b262fa12d8 13c6e86fe442682b3d884d7d72a5ce4ccb9f0ef4 ee96f6757012ef8f71af45846e8919f8b97bed355c3083c4f3cc9afd4ba4378d Loading...

	walter-larence.com/hp	382 B	2023-03-07	2024-04-26
Pretty URL walter-larence.com/hp IP 18.193.146.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-26 00:55:19 Times Seen1250 Hash 10263a40a9d604e06e31e20f0b213918 524c7e3d46f4c3b19319ff3315ba6adfafd5eb3b 1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee Loading...

	propeller-tracking.com/fv.js?t=74797	5.2 kB	2023-03-07	2024-04-24
Pretty URL propeller-tracking.com/fv.js?t=74797 IP 139.45.197.240 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-24 01:48:23 Times Seen2355 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	happy-u.vip/bgv1/	2.1 kB	2023-04-13	2023-06-18
Pretty URL happy-u.vip/bgv1/ IP 172.67.216.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-13 12:56:21 Last Seen2023-06-18 01:29:09 Times Seen17 Hash ddb7f07f7b77244a89451a8fad1ad4d9 6c327b9c38cd773a9e69d121f0b8f084949553b4 4b9aa22cf89ff80ef73453584787a1b6b403fb811f47468bb5a0906b340e50fd Loading...

	unknown	37 B	2023-04-11	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-04-26 20:39:22 Times Seen231793 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	happy-u.vip/bgv1/	7.9 kB	2023-03-07	2023-11-19
Pretty URL happy-u.vip/bgv1/ IP 172.67.216.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:58:32 Last Seen2023-11-19 09:08:37 Times Seen70 Hash ed5488883a039bc53efe284f04763365 2905d541e74f5166231a64b06e1235c4332db3be 8eddee85fbe6a90a1f43ec89d2991631ee1493bf82db093f307c2446723bb027 Loading...

	track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=f71017d58f7dc15674b0bce93a8d7970	0 B	2023-03-07	2024-04-26
Pretty URL track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=f71017d58f7dc15674b0bce93a8d7970 IP 104.18.17.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 20:52:24 Times Seen37100793 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	notix.io/ent/current/enot.min.js	91 kB	2023-05-30	2023-06-20
Pretty URL notix.io/ent/current/enot.min.js IP 139.45.240.92 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 21:59:09 Last Seen2023-06-20 15:08:41 Times Seen124 Hash 02dfbbb80b22a52c6cdaaeeeef0a8d4a 585a49b7ba0fc697d1d8f6d75a0a9924c6127e1d 8a969554eb2a66662463b4d9a9ada451da48206471e9cf3cc7d8d02fd287ebfb Loading...

	happy-u.vip/bgv1/	1.2 kB	2023-03-07	2023-11-19
Pretty URL happy-u.vip/bgv1/ IP 172.67.216.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:58:32 Last Seen2023-11-19 09:08:37 Times Seen70 Hash 0e4e4f24ccf01d7cc8a873e7b38cb98a 161677b5cc1693ee51959c581ff4e0a91ddb2ee9 39d885aaf88608d08011dc6fd20f0badea94539966fa686d53162547d2110446 Loading...

	deefauph.com/pfe/current/micro.tag.min.js?z=4188429&sw=/sw-check-permissions-b5194.js	42 kB	2023-05-30	2023-06-02
Pretty URL deefauph.com/pfe/current/micro.tag.min.js?z=4188429&sw=/sw-check-permissions-b5194.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 15:11:01 Last Seen2023-06-02 10:38:31 Times Seen160 Hash 08e98e4f47791d72e641ff48532dc235 a23e14bf683483b3c529d524ce3baa0e01f5291d bb6886cb97046948e4ec675547e499fd99fe80b42584a8f93e0d0335e3d0103b Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a	697 B	2023-03-07	2023-06-18
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-06-18 01:29:09 Times Seen164 Hash bd33725f56da891692dff0ac7583d37d 2f5c7d6865087971dd4645d30d6fff57b64fa3fd 66411aa8478bd069ad8a9aa0f2159279c3693da7a7e1fb3b1e53c751e580cfeb Loading...

	happy-u.vip/bgv1/	325 B	2023-03-07	2023-06-18
Pretty URL happy-u.vip/bgv1/ IP 172.67.216.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:58:32 Last Seen2023-06-18 01:29:09 Times Seen24 Hash 9a7c9f2062e6b0a67110d356f3e5dc03 7196a46f341d241e6d407f0abcc92bf11d37c0dd fe1d4945f1bcc9d37c2818038c0cd1870b898569169bccdaf7d1c4504e369dd7 Loading...

	unknown	79 B	2023-04-11	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-04-26 20:32:55 Times Seen124551 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	happy-u.vip/bgv1/	52 B	2023-03-07	2024-03-03
Pretty URL happy-u.vip/bgv1/ IP 172.67.216.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:56 Last Seen2024-03-03 10:20:26 Times Seen211 Hash fac61325faade2db3472637666f9c0ab 87ddf39e8fe9df79c3359285f03362b61c488d21 deb1c49b86c3acf4af1a57b33411dad76f19c197e7e17441753051087e00c79d Loading...

	happy-u.vip/bgv1/	497 B	2023-03-07	2023-06-18
Pretty URL happy-u.vip/bgv1/ IP 172.67.216.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:57 Last Seen2023-06-18 01:29:09 Times Seen90 Hash 88b49b1a0114dc77c8fa76983936baa7 637e1a58a8cff916c5fecc192fd60c9e51e7ada4 4d62782390214caa7ce271b534d05cb29a560772b2ed248669389318aa350a34 Loading...

HTTP Transactions (52)

URL IP Response Size

happy-u.vip/bgv1%2Fimages%2Fstatus.png

172.67.216.132

200 OK

404 B

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fstatus.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 92 x 21, 8-bit colormap, non-interlaced\012- data
Size
404 B (404 bytes)
Hash
2cda8294f2c9ac8680e7630478cf44c6
d35e94e38fb6f8da59106684dc51e4f4a3e6cc84
8ffc78a93ca6bd7774c34203a2f38d9df70990c98d5dda238c40f7940e1c3247

HTTP Headers

GET /bgv1%2Fimages%2Fstatus.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 404
x-amz-id-2: xKRuxLDY/tC40Rl7tHRh/1n1vF5JJIqvg3lrHPAfYYYRBQYqkmhMQP1L4WTeJ5Z8t1HIdnibNvE=
x-amz-request-id: GH4NQSVG9J533PZC
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "2cda8294f2c9ac8680e7630478cf44c6"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7toXmFXbpz3uZJgzQ9yZP1H83wshauW8pNi5woa%2FBwS5GYeVnzgKowmhhPf8fPoRpQjPVPY4Z9IqVkJINrbQ54%2B%2B7egj%2BJHAxDNE7kEuR8iGU%2Fj2K96wAoVyvxWY4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b5fb517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fcheckin.png

172.67.216.132

200 OK

457 B

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fcheckin.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 92 x 21, 8-bit colormap, non-interlaced\012- data
Size
457 B (457 bytes)
Hash
796fc192fcda87bf7bb11977b21c6ee8
3b982842c71acc6c5df6bacade53b9a52c2a77e6
736416d5fe9fbc1e6904232cd5777b8855e846302a1c4994a4dae0996cb28519

HTTP Headers

GET /bgv1%2Fimages%2Fcheckin.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 457
x-amz-id-2: J1olQHPLTHkGVb+QDLHmytAkjd3Bhdxtr7B8X9eOJpL4qeOvUyYvkZYwwCugh6rB26XD1jovAcU=
x-amz-request-id: GH4SQSEZ5WGSQJ2G
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "796fc192fcda87bf7bb11977b21c6ee8"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIJUKUpQhN0I9y%2FQMO6mchoMBtdGwtO60BgChwDLPaUZSXi3H9esCumyxzKLyfRWpTHGdCG%2FopBP%2F%2FzvRIxsSmq6gOMv807TAo3R1%2F1szRa%2Bk53jRtnNhnJ6HzyvJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b61b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Ficon-search.png

172.67.216.132

200 OK

3.6 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Ficon-search.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 65 x 22, 8-bit colormap, non-interlaced\012- data
Size
3.6 kB (3579 bytes)
Hash
a53737d0c1e722c790cdb73e8a40fae4
58d8cf39a72f15a335190a3a285386edea776526
6034859360e67a648165e4f71cd36da3712a564905318a9145b19e500dd6a369

HTTP Headers

GET /bgv1%2Fimages%2Ficon-search.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 3579
x-amz-id-2: ZNdEmw/mkMy8Z3Xw2omHy2Ack4HOdmntX8tFQ+K08BoeydIGYIOff619IRHxjk7KFmR/Vxtkw3w=
x-amz-request-id: GH4HNJ0PDZYNXHN3
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "a53737d0c1e722c790cdb73e8a40fae4"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QG71WAfj2cgxUee7P9c3WcFtD%2Btt85COeU2%2BuI52m7N0NuPK1eJUt5KvSZdC3IOXEeEhczXgW1j5lorLEVo4%2BM%2BIxUadb9mM8fAi2VJPAFVD6zzdBGuetxN4sTOXBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba1b5ab517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fimg2.jpg

172.67.216.132

200 OK

1.3 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fimg2.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1297 bytes)
Hash
92b944714cea3e478a8e50dea1a80b26
f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205

HTTP Headers

GET /bgv1%2Fimages%2Fimg2.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1297
x-amz-id-2: x39V6fZwJYPgDj5zKzP0Yx2nXlm998imhjFfwb0f6ucvakbdX5w8h3yUgH5Os/634XUoQohhhR0=
x-amz-request-id: GH4QWKC09NWBDV2N
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "92b944714cea3e478a8e50dea1a80b26"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=815Dnnu6JeMV8FdeAHXrcG4nE4eWVzZX80AWxkTlBZno8aVFUXc0ZH%2BYR7hWGc82LlUzRbBmfL1WpkMAWzIWgkdaKXZW1QQKA2UJSBGyTM1lXi1k%2BhptRckc8ylo5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b77b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Ficon-account.png

172.67.216.132

200 OK

251 B

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Ficon-account.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 65 x 22, 8-bit colormap, non-interlaced\012- data
Size
251 B (251 bytes)
Hash
e33b90b3b0967a02d7c9ae8ff6b60f30
47eb5ad0ad785fee87d0621ed776ffe82adc697f
d6168ef356b0aeaeb195b450de21edf25284b7f2c6a2810258ae5603a39e43f9

HTTP Headers

GET /bgv1%2Fimages%2Ficon-account.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 251
x-amz-id-2: IhEnHbzzh2Sp5ZSnVsmTld/nv4F7DZK9/9s78pNDbOybLTLgOQjlxan0bgIDQgzkirBj5BFUnDk=
x-amz-request-id: GH4RV7NAQ27AKV19
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "e33b90b3b0967a02d7c9ae8ff6b60f30"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0q2FOkOIyFqmzpALrQ9Wzd%2F11WalBxfZ8ir7QIXTAYq5QpWckhZQf1bOHosQLtmLv2y8%2FvQUV%2Fo%2BypVpIcclVXQHZbYLi6x4AvpQuArLEEg%2Bq72Yicivv6M2t9Q8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b5eb517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fimg1.jpg

172.67.216.132

200 OK

1.3 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fimg1.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1315 bytes)
Hash
c3c59916d3b4977017c89125dc42b664
c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9

HTTP Headers

GET /bgv1%2Fimages%2Fimg1.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1315
x-amz-id-2: gc1IjWW4O7N7tpFk7eEtYGCl+/U2g20wW8MmJcoFbHQe+NiMlkyNeQQnFBMlaM02MTvYjAcfVig=
x-amz-request-id: GH4JAWJH321TY3MK
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "c3c59916d3b4977017c89125dc42b664"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5tdTiimF1lcFROv6zVZQPzvufHqDi3R5GXl2yZgZ4swsQ6R2P%2FWxfLoUiNtHd6YfdK2UYzv95xGK%2FgvFY3LmTQLfKFJwpTAaeJtudm9tmBgyhE2IuwarlNul2SLxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b76b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2FEKZrmbS.jpg

172.67.216.132

200 OK

1.7 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2FEKZrmbS.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.7 kB (1717 bytes)
Hash
36219a038e38decf224738dc56870d0e
824a4648f22839e5fb23184229bbbad3487140be
118e8968971eff8afa6d0ae7ca340f256b661b5096ca3b43f90737c02faade50

HTTP Headers

GET /bgv1%2Fimages%2FEKZrmbS.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1717
x-amz-id-2: z0FWXMFhdtygdMPz+ScYYQpfDQAgWoyLkiJ3UdHimv4K7PvfjStfv/sus/o6m6d0WvStbzttxEc=
x-amz-request-id: GH4M94Y1RBDJ1XQV
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "36219a038e38decf224738dc56870d0e"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VObd0pNhRyhbzztx%2BB5iCJKJ01ulCqmT9%2FLcXI2Etd%2FBz1J22sZLuiC9QAZiVKuTtP8N1ExbyGExtJpOv3JlNt3I8Tc2wLbIMPm7AMwl80wpa5DmJCMNfsuTdhr6RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba3b80b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2FKqX499j.png

172.67.216.132

200 OK

1.1 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2FKqX499j.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1109 bytes)
Hash
dd3ca7519448be324f8c3223a276f813
3c5570882d2fcd4d3b1791114a8558df71ef4183
f6b611eebed4c2780c8619e862ddfb71e35e5aeab502640d910fc9f248063dbf

HTTP Headers

GET /bgv1%2Fimages%2FKqX499j.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 1109
x-amz-id-2: iFiHGbljMBaGhA71if7bpn+GW1FgotsHzjDVcQ0KLjJUBOfj61RQAuxqRZxR02VV/H1usPaz2tI=
x-amz-request-id: GH4J6JPJ3EK5NR43
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "dd3ca7519448be324f8c3223a276f813"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aU7GXCYLXPqTIxpGCBi53tk3Tlee6C8A1Ba44SZC5qVf4NnYCWhH0p%2FVmQ9K6HRnkHmRfUieh4bqJFxX7yvNLaYg8veMWwPdTdCkpPyuh%2FF3KROvN%2Br8SWPfzQuuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba3b86b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2F7wSpKDu.jpg

172.67.216.132

200 OK

1.5 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2F7wSpKDu.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.5 kB (1547 bytes)
Hash
16d14205120c13b9bb5b64a91a927f47
de90436381960ab243a332b97dbfd661347fe9f1
9452ab566725c6cacae9ab39c1481bdcc1205fb07ae3709b946d8e73072b5324

HTTP Headers

GET /bgv1%2Fimages%2F7wSpKDu.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1547
x-amz-id-2: dd+FiQtcxSKojXmT+UZmb2YsnWv9MT7onBy2x9Fo18JYt9I9tyq9zaB+74JuXsj/oErTigAxBE0=
x-amz-request-id: GH4HEMBFSQRW8PXB
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "16d14205120c13b9bb5b64a91a927f47"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVoWw4L9nMNw%2FHreivAUXzuaJrwTxWU8hITQMKrScLp45l2Q07Bb5ltV07JZlUuUQj5kn1FP%2BEl6N6uHn9d9w%2F72yx%2BAtd1rEWcs5XJiHd70da%2F%2BJF7wSHzfPELrag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b7db517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2FDsrKpkj.jpg

172.67.216.132

200 OK

1.5 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2FDsrKpkj.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.5 kB (1506 bytes)
Hash
0d0f29abfcedc7dfffe3811a5100a6cd
19567e85aab4fd05d752cfa86f88087465042b0a
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393

HTTP Headers

GET /bgv1%2Fimages%2FDsrKpkj.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1506
x-amz-id-2: re2LsUlS884mYO4hC7UBlhZlMlftVIlJRVaFzsQI1MvUmTHEu3gHWvnWTEnXpaadtzWGNbcHu98=
x-amz-request-id: GH4P2YBJJEXD5T65
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "0d0f29abfcedc7dfffe3811a5100a6cd"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxvJlLMKRPwHQIVfCyQbfzSEAN4WzMeKoIGNLmbqF4niDf2wxs%2Fu0RXIHs1B5Rqt5FjCXGGatV3o1Ec8192EVRfsDm0BdoqoTYpgluVVbeG3pr2OSPZiyvpVLc0e9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba3b88b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2FplR22yu.jpg

172.67.216.132

200 OK

1.0 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2FplR22yu.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 51x51, components 3\012- data
Size
1.0 kB (1001 bytes)
Hash
8eaf167dee1c0b4384b854fd68836eb4
be410ab820048230ee32948da6345dbc3c6a2a94
d2ca60af74992ff458ac141945706d2178267d69692a9cd6bdbcfa8d2780a3b2

HTTP Headers

GET /bgv1%2Fimages%2FplR22yu.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1001
x-amz-id-2: 8e96MM3o+Mf8WHH8kg26nQ866swoJLpql2x1vayuu7KYKFKdevsfv3yCWqcXjpMknXRQ3iY+Bxo=
x-amz-request-id: GH4WPQ6243P0DMGD
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "8eaf167dee1c0b4384b854fd68836eb4"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9yMHrHKBCkS5FeRXkBcF92reH%2FG1ZJ%2Bb%2FnmEYYa%2FX1a7YaevPtWWSmMfSkCIODSYa%2FxREI6MnbkYCJWRsIgCOQsfSS7ZCEFQJkpxH6ja4N4cawIx5Nz4%2FIiDlZ1gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba3b8cb517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fred-arrow-left.png

172.67.216.132

200 OK

493 B

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fred-arrow-left.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Size
493 B (493 bytes)
Hash
5db20018a0fac6b541260df23929db91
3f438440cc0e414f7f7c47fd6be642a9abda85ba
138800c53f456513cc20c3a21110f5cc9b984de9ce6652adc9e7bcd7d9b3c8b7

HTTP Headers

GET /bgv1%2Fimages%2Fred-arrow-left.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 493
x-amz-id-2: KhNhALbjzIQx6wZo2SYa1jqPWWgOpH8zNIkhGqwxYQ6UzFVHnn4Y8t+1SXOYBY1ADNK8DKurvdw=
x-amz-request-id: GH4Z1Z2M5K1PW6P7
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "5db20018a0fac6b541260df23929db91"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7dIY%2Fx4UCCl8XYzXtJUX78fmhyhS90zFpNXqfgbta%2B8XOf4YHQuEmuLwdNo3qXCg2A5pNEJuOt6py1YpPUHrQChOjDwB8gHWSofALZlVh41Jw2ibTnsAlnduF24Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b64b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2F3temv7e.jpg

172.67.216.132

200 OK

1.2 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2F3temv7e.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.2 kB (1169 bytes)
Hash
a848711320a9df61e6457f65b0dfa9fb
68a62a84d89f4f9e1e831a6cef920797c7f2e7d5
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0

HTTP Headers

GET /bgv1%2Fimages%2F3temv7e.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1169
x-amz-id-2: u8wpaeuK2afuGscDzhM8d4JYbNX2icSC1UwNTHqSPb7xIhke6HNGP3w03WRAWo0e7JgHHyuLEi4=
x-amz-request-id: GH4SQ2M5Y48DGRSF
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "a848711320a9df61e6457f65b0dfa9fb"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWSzC9XNsYKOGnbbnKu5c9Na%2F0U2gkcXXB1sCA%2FE0%2FVzbpEQ4uKnVnLuDTp6hpvUxgsetdXxjlpoNH1e4%2B5IeXBre8mGq%2BS0RaN3BW2mv2ZxUIouk0%2BHbju3VjZGPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b79b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fphoto.png

172.67.216.132

200 OK

372 B

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fphoto.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 92 x 21, 4-bit colormap, non-interlaced\012- data
Size
372 B (372 bytes)
Hash
e353bbf718baf082a548932439b6a8ee
18bc9fb3b1a00a7732173a6aad1ebbb608248bf3
c2c7afb9a455ea1a40b187fc3ac78170834905ee5db39820870843ddd3028544

HTTP Headers

GET /bgv1%2Fimages%2Fphoto.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 372
x-amz-id-2: VAXosJggpCU1gvASdOl8ai5i2obfuZJm3mRNRB6hkf51wVIx3bFCDyLLX8rR+ea11FXMHm15nTE=
x-amz-request-id: GH4HKTPB91V55P9P
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "e353bbf718baf082a548932439b6a8ee"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3jf7jnQiph2f6M0%2FAnAXIG6B4aXuXjmeyWEP9t6Ek8O5dtMmNk5SaJjNMNcFvfa34CyWyZf60LAWyZqB1G%2FWbTPiRKgYyZTlaLtOYlKwQ7ry87xNj4nxOJvhxcp0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b60b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2FyEUMY3v.jpg

172.67.216.132

200 OK

1.6 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2FyEUMY3v.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.6 kB (1608 bytes)
Hash
5da3831556c780010e0e5c5b967e43ce
574623afde349258b91d44849ef16d483b61e223
45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07

HTTP Headers

GET /bgv1%2Fimages%2FyEUMY3v.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1608
x-amz-id-2: Z/RAihyyr9BRyebGjRTvcykbe/PJmkyEkE1WHNxKggXcRHYRCM9DsA8lgwCiQE/81AxR5f5Dtlo=
x-amz-request-id: GH4PWBQC4F39921M
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "5da3831556c780010e0e5c5b967e43ce"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1B4c27HTxMgZn4O3jF9o2zi8NadTvSz%2Bh%2F8rcKRIW2Yq0i44x5AGvVKWrFUHtHjsTZr6The2Kjk1uQeF3foBRmhT7Now%2BFnKGqRnpRYvd%2F7Ls9eOg%2Fb1yBNClcCnmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba3b82b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fred-arrow-right.png

172.67.216.132

200 OK

495 B

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fred-arrow-right.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Size
495 B (495 bytes)
Hash
f4f08e109654f7b401d113816dff5e2c
3cd201d6460e432ff5d8934c1554eeeb32ba02f4
88b4c9e5c7abeaed6e442d233266272e8048f035434fe3af5edcda9052f138ac

HTTP Headers

GET /bgv1%2Fimages%2Fred-arrow-right.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 495
x-amz-id-2: aaaLqoxXG1j6qLtrSGERUDglAsYKKJb44cOEKwlMfK6giQJ8ItGe2WMSNOFBWiJVfYTwe0jhioo=
x-amz-request-id: GH4GKX0KXBAY3Q9W
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "f4f08e109654f7b401d113816dff5e2c"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DF0Z8PqcaVRqXeBB9%2FDBDdOHDR3GtlXc7ewwtyhH%2BiTtBECoGvhTA%2FFkiZOzfvCAaVMiGXRpDLp7ZPym8A4ceZ%2BGK9T7ac3pV2VWLtd8hE9qKdjyWTM2uGv%2BxJkLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b65b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Flogo.png

172.67.216.132

200 OK

243 B

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Flogo.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data
Size
243 B (243 bytes)
Hash
66c23a105121bf693e5fda5aa232cd2c
5b7688e4db7f216de02ffa8fdb7d33cf684fe7f1
0d0d7c6b70ad170073dad654669a7fcdaaddb46929d6fa5567e9ed93f5680d8f

HTTP Headers

GET /bgv1%2Fimages%2Flogo.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 243
x-amz-id-2: lPNspT6ep2J2vu0sNh/w8T1RajD3jRfGy0MvnMDuD0/C2trWjN84aZhgjFeudgA9GWQc74BUa7Q=
x-amz-request-id: GH4KKBPA2QR99HCV
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "66c23a105121bf693e5fda5aa232cd2c"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhxpdGHpQlhWlNwp5F4SN0uUJB%2F3POOBoGvbUVH8fiquhYMwBSNBoR0jBzR%2B%2Fxi2dAwEg6lHdjKdqwTlVyp8CPG3JdeYDtds6DBJCHG%2B%2B1LrOtoqAE373R1Sb6pbiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba3b8fb517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fslot-start.png

172.67.216.132

200 OK

22 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fslot-start.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
22 kB (22059 bytes)
Hash
244e8f79da0526379203f0429ed8ae1f
73f652c94f5089ca3feeea0946331b711d8efa37
1e11461e5c27dd50a536a8ec0674b627168d061654ceae7f82fa9c7834b525a6

HTTP Headers

GET /bgv1%2Fimages%2Fslot-start.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 22059
x-amz-id-2: z9hON9k+jC5Uv35atoxFampro2laBgTvgE/i1Eb2q1nYxgv/zN3lL0PBCVCipSnI9XkoV+DrUfE=
x-amz-request-id: GH4SDWPBY21659ZG
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "244e8f79da0526379203f0429ed8ae1f"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1pBooaTTzIQuD0fYNF%2B7ggNesaRUiH1I5g0Qpw9kPFG1nWVc%2BkSVwqMHKQEUin5JwWTVUK8YN0jS9KK0g8s7z9ovF1pWRo0lWOxe7A2iPJ2PER5Jxa051PE817WEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b69b517-OSL
alt-svc: h3=":443"; ma=86400

my.rtmark.net/p.js?f=sync&lr=1&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a

139.45.195.8

200 OK

697 B

URL GET HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
ASCII text
Size
697 B (697 bytes)
Hash
bd33725f56da891692dff0ac7583d37d
2f5c7d6865087971dd4645d30d6fff57b64fa3fd
66411aa8478bd069ad8a9aa0f2159279c3693da7a7e1fb3b1e53c751e580cfeb

HTTP Headers

GET /p.js?f=sync&lr=1&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 19:58:44 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

happy-u.vip/bgv1%2Fimages%2F9PH2QqX.jpg

172.67.216.132

200 OK

1.6 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2F9PH2QqX.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.6 kB (1623 bytes)
Hash
102933136ea4fe862f931bb364ad8c51
b0f114f9d39fd228827a75b25c408a4a2adab61b
d62bdcc9ca536db0ec677242f218332ebf4a0f0372e6f57ddf19ef9a5d1aa2f1

HTTP Headers

GET /bgv1%2Fimages%2F9PH2QqX.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/jpeg
content-length: 1623
x-amz-id-2: +kjOxyPYCcAAjOedUpOVkX1Fukp5ix4taiprW/gqGUegp9LSAxKjqRr2MqgOnzhshSbLxbAkSqI=
x-amz-request-id: GH4Y7HYFR4ZJTA5K
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "102933136ea4fe862f931bb364ad8c51"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYBLzZ0ATq7IdeBtAkdQQHceOvmEletxnR2%2F%2Bn7Onte11OnT83Q0sLqQTvXVTslBe6Soo2L1%2B8X%2BbK3LKcV7llcI19DM0MkXfenLQrNXZpO02onbjtbokh6MMp5D6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b7fb517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fslot-win.png

172.67.216.132

200 OK

14 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fslot-win.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
14 kB (13522 bytes)
Hash
ad463090b233af33d543c66279082ef7
c5c076022496220069ada53b61e360115d633ec1
3f3ba843f8336a629438b345bfd4e85a17745c9941105fe2bc96081c01860050

HTTP Headers

GET /bgv1%2Fimages%2Fslot-win.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: image/png
content-length: 13522
x-amz-id-2: joIsYxyHIr8YkN3G3ajPUd+A++4CnB1xeBQS+MPcTx6iYH0KzWRyUZTZ7ljuYt/+2WDlm5YG0Qs=
x-amz-request-id: GH4PF4JBTC32CNFR
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "ad463090b233af33d543c66279082ef7"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NJ%2FyPtbcZJLnOm%2FhTV4M4fuYVTIwSsBn1D9ZXe7frl02W54oIU6%2FeKRbvVXUSfm8UJhHqVJTP90wDGUPpTbIgVf2iefp%2FE%2BNjghl0AJKeqvXmDjKp1ZKa48XwKzZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b73b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fslot-result-1.png

172.67.216.132

200 OK

18 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fslot-result-1.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
18 kB (17883 bytes)
Hash
ec844a2e36c13835d34f1bac0db0498c
8b334e469dfbe6ebae1b3c58d6567efc654c5fa9
5038f4c7ab64de7b0a0523253a60f0ac5af53ce9b522d67ed6b8dcd28cd9a07c

HTTP Headers

GET /bgv1%2Fimages%2Fslot-result-1.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:45 GMT
content-type: image/png
content-length: 17883
x-amz-id-2: XLAwrDn+B8Mi06sw8VGt4gTOuzgbB8w3MdlWWhtEvxCN9yz/QsqNTRFIww+ZVazP7p/eF5phKIs=
x-amz-request-id: GH4S92B9EK5CEVFC
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "ec844a2e36c13835d34f1bac0db0498c"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osUMjtG6YT9Q%2B%2BsZs93ODNdkOAlUWjxNAE1V2Y6SnAhemJUVvrLZYx7B5st1WqJY%2BGCTflYv%2BrMsx2ZTYIyLqoROSKiNQZW7AcT9yEnG7ITCekeY9GfjGW7zQdPnoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b6eb517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2FyWwCB4c.jpg

172.67.216.132

200 OK

1.9 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2FyWwCB4c.jpg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.9 kB (1871 bytes)
Hash
d1b07f775527dbe2e3f4a63cf2bedc56
591e43ae55c2c6596b850a9ba6e3fa62dcde9c06
9b5f9beceae5873611200a408662ef812bbc682bd6996db552e066bfc0f41639

HTTP Headers

GET /bgv1%2Fimages%2FyWwCB4c.jpg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:45 GMT
content-type: image/jpeg
content-length: 1871
x-amz-id-2: 8Ly6OaFlPt9Ik2HP2Mh/uG92xEp6DXLQaGiW1wSOWJsy7ydLnoUsOEfsDsxpSuCpIbOciEG0jP0=
x-amz-request-id: GH4XTNN3JNQ79559
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "d1b07f775527dbe2e3f4a63cf2bedc56"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lN6O4E9kL7jAmX%2FlmErFygLu9p62ocvS6hNM3LG5jxkmpMAdkxx1SQ3Nh8ChGwDDSM7a1f4cHHFq5yC8qjXVANEHPO6pEAdBh1NS3RhAE1QrC2d%2B5qa8PoxnWF5q2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b78b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1%2Fimages%2Fslot-result-2.png

172.67.216.132

200 OK

23 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fslot-result-2.png
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Size
23 kB (22914 bytes)
Hash
2510ea89d6674e700170ea8438045cbb
f26b53e2875b396f3b208a15052133a06ace1f2f
4fb6cef2f7a06048bec380e22f1ab9b70c45672e59cbe83dda68763406340103

HTTP Headers

GET /bgv1%2Fimages%2Fslot-result-2.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:45 GMT
content-type: image/png
content-length: 22914
x-amz-id-2: NcsZRd9fWGU616pPdvI1oHkYjBVMsKHIrpxuHd0qDiTaZGSEyeSLqFEQtCMV8j4/sRHq0Yk6xY4=
x-amz-request-id: GH4S1NBS0S9XK36C
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "2510ea89d6674e700170ea8438045cbb"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUQKtz0zFqE%2BJGYIbptBHkk50xjjKkVC0%2BNBPzNuQRmFnO008AXQp%2B%2FN2vJC7imT4O3jyl%2B7PWi%2Fa1Y7DuwHBC42JAN%2FUpWHRkt6bIKnT926SzYC2NL0sEJXaszpKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b71b517-OSL
alt-svc: h3=":443"; ma=86400

cdn.countryflags.com/thumbs/bulgaria/flag-button-square-250.png

104.26.14.30

200 OK

2.1 kB

URL GET HTTP/2
cdn.countryflags.com/thumbs/bulgaria/flag-button-square-250.png
IP
104.26.14.30:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7C:2E:40:3B:A3:39:9A:9C:12:D8:1C:07:27:99:E5:BB:56:74:6C:19
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit colormap, non-interlaced\012- data
Size
2.1 kB (2091 bytes)
Hash
3f0bf22f5b1b69cfbceac506951d3afc
edd3361f44f2971f96af94cff3ea35a485061dfa
2c6c2c194cbcf3b0b62d748b79e5c09d3d0ecc4021f23182966272219939e2e1

HTTP Headers

GET /thumbs/bulgaria/flag-button-square-250.png HTTP/1.1
Host: cdn.countryflags.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 30 May 2023 19:58:45 GMT
content-type: image/png
content-length: 2091
last-modified: Tue, 29 Nov 2016 08:41:36 GMT
etag: "82b-5426c8e5e5000"
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARzih7wwjBW4VdDIlYWrlZifAjNgdmvKJK3mplw%2Fd0lwmg%2Fzwh2g2MTST4NDLsfoHZ4agbiyTGj8SotNE%2FbUAGwywV%2Bs%2Fqk4LqEZlvIT3mwbYUAA3Zu2%2FJxIdxylKXgxl6P9AJly"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba6c34b4f3-OSL
X-Firefox-Spdy: h2

happy-u.vip/bgv1%2Fimages%2Fslot-spin.gif

172.67.216.132

200 OK

74 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fimages%2Fslot-spin.gif
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
GIF image data, version 89a, 410 x 279\012- data
Size
74 kB (73808 bytes)
Hash
20c1e25bf5d1de526cef9a215cc9f996
67a934664e96950e3ba1722fbaae8ce024789cc0
3fd606b3ec90e6e1e9babfa90bcf35aef37607df5083f42c2285113f8137d39c

HTTP Headers

GET /bgv1%2Fimages%2Fslot-spin.gif HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:45 GMT
content-type: image/gif
content-length: 73808
x-amz-id-2: Ia0kysJN6pp09QjN5+a0kd67qYqJo2SEH72KXetpqGDx1wPQyP6IDUgpM6yU/izY8s3pE3M5bUU=
x-amz-request-id: GH4SF5JMKN217M7G
last-modified: Tue, 14 Sep 2021 10:23:05 GMT
etag: "20c1e25bf5d1de526cef9a215cc9f996"
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko4cgSwz3qMFRv1%2F%2BhZD8wys55vFbHcX0%2FjXeHD4bB5PgCzOAAH24Wac6bOtE6k0bNo4%2FZiJoDl512k1%2F6llWyC6fThMAUgGToe3dERRv7CtaWi7SRnMG1OKdeU8qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba2b6ab517-OSL
alt-svc: h3=":443"; ma=86400

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
33f3a2534033e168080efb0079801e28
8f79fb6c128d0da6c1c98b42245094f53be38011
4dbb15ea414a4872026a712e2fcb96d5635138cd899553325e47be88cfbd86fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 30 May 2023 19:58:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 08:20:03 GMT
Expires: Sun, 04 Jun 2023 08:20:02 GMT
Etag: "8f79fb6c128d0da6c1c98b42245094f53be38011"
Cache-Control: max-age=390078,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cf98dbb9a661c06-OSL

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4271624c9e3c2fdb82bc2885ba9ce47d
cbb5b903e095c915252129f1a01fd5ec766678a0
67172ee960413554a00d90a45e76b1a621e031b6b84dd871b1c4c4f5867e5f72

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=7200'
Date: Tue, 30 May 2023 19:58:45 GMT
Etag: "646f4152-1d7"
Server: ECAcc (dcb/7339)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pxvLpZQfJkL_8m220oJhcQ3vktkd4CF_W1ljHJWYk57pMRj9tCptBQ==

assets.landerlab.io/base.css

54.230.111.125

200 OK

8.7 kB

URL GET HTTP/2
assets.landerlab.io/base.css
IP
54.230.111.125:443
ASN
#16509 AMAZON-02

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerAmazon
Subject*.landerlab.io
Fingerprint18:96:61:B0:E4:94:7F:B9:1A:6D:33:DE:CB:3E:EC:3F:D0:B4:8D:58
ValidityThu, 23 Feb 2023 00:00:00 GMT - Sat, 26 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (8731)
Size
8.7 kB (8732 bytes)
Hash
7f6de4e86d84bcbfd919f155e7545439
e7d9a7a418519c3fbce6de3c85775087cba93b49
8d8c59c2712df25a26ecd01739496e49c3514a9341fa3cd21cfa98627ba6efa2

HTTP Headers

GET /base.css HTTP/1.1
Host: assets.landerlab.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 8732
date: Mon, 29 May 2023 23:23:50 GMT
last-modified: Sat, 29 May 2021 19:05:04 GMT
etag: "7f6de4e86d84bcbfd919f155e7545439"
x-amz-version-id: 0sEXTlrAazg9KkJm7sv1lqt808WfgxiL
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 33bh6Rhe3i27Qx0QnlSThoQvCL1l75rYsIEJl6L-6l3xxGDhc_6adw==
age: 74096
X-Firefox-Spdy: h2

propeller-tracking.com/fv.js?t=74797

139.45.197.240

200 OK

3.0 kB

URL GET HTTP/2
propeller-tracking.com/fv.js?t=74797
IP
139.45.197.240:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerSectigo Limited
Subjectpropeller-tracking.com
Fingerprint29:14:4F:57:5D:49:BB:13:F2:11:B7:FD:18:B4:E8:63:D4:8B:DC:06
ValidityFri, 04 Nov 2022 00:00:00 GMT - Mon, 06 Nov 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
3.0 kB (3011 bytes)
Hash
c0b81f825d0cb1601e42ee4e5d79c924
9befeae865c6eaeb26a98ad8aadf2c4b12d21490
228aded0536c549fb6e30f4d2feec19ee96f67e483324de45b7a758854f1cd1a

HTTP Headers

GET /fv.js?t=74797 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 19:58:45 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a175838c7924c0244fa357b2920198ea
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

happy-u.vip/bgv1/sounds/alert.ogg

172.67.216.132

404 Not Found

859 B

URL GET HTTP/3
happy-u.vip/bgv1/sounds/alert.ogg
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
data
Size
859 B (859 bytes)
Hash
9a76848f4665b87fe22c98c3477ca2bb
9d6ac9e302facff56e170e586c9ef46d55f65252
9da2b2b09051ee620ee7efcf2166f9db549117c1749accac5163273e7964ff1c

HTTP Headers

GET /bgv1/sounds/alert.ogg HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 30 May 2023 19:58:45 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: Z4KHQDH76R3BBBBZ
x-amz-id-2: x3bei/0XVyYQz5x07rW3kORaMuomK0Rfptt6OV+7mxwbPi/Y2T2wEneGG0nxQd0z04uh71rkeKc=
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLSeW1z583Jqo4wm0sS5BGNBIvgmyTuJi5yIuGP8jntO48Q2Ftyhu6248LBJKHZ4EFnuLW0FGmWA5IRJpPh2v5FeSk4sASG5tsUETzfUUNOPCA1RRQre0zPJXkkfSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dbf0becb517-OSL
alt-svc: h3=":443"; ma=86400

unphionetor.com/vctx?t=74797

139.45.197.236

204 No Content

0 B

URL GET HTTP/2
unphionetor.com/vctx?t=74797
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectunphionetor.com
Fingerprint4B:AB:04:0A:B6:60:F0:0A:CD:92:AC:93:15:79:CF:21:57:6D:1B:97
ValiditySat, 18 Mar 2023 19:00:29 GMT - Fri, 16 Jun 2023 19:00:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vctx?t=74797 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://happy-u.vip
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 30 May 2023 19:58:45 GMT
access-control-allow-origin: https://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f23021d0b522d1c9b7cfcb56da39d658
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

unphionetor.com/vctx?t=74797

139.45.197.236

204 No Content

0 B

URL GET HTTP/2
unphionetor.com/vctx?t=74797
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectunphionetor.com
Fingerprint4B:AB:04:0A:B6:60:F0:0A:CD:92:AC:93:15:79:CF:21:57:6D:1B:97
ValiditySat, 18 Mar 2023 19:00:29 GMT - Fri, 16 Jun 2023 19:00:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vctx?t=74797 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://happy-u.vip
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 30 May 2023 19:58:45 GMT
access-control-allow-origin: https://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a77475b38effabc4a3d4b51366884aa6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=f71017d58f7dc15674b0bce93a8d7970

104.18.17.6

200 OK

0 B

URL GET HTTP/2
track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=f71017d58f7dc15674b0bce93a8d7970
IP
104.18.17.6:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerCloudflare, Inc.
Subjectlanderlab.io
FingerprintE5:19:57:65:1C:8A:4A:59:2F:10:FC:CE:EC:7C:74:C3:C9:6E:04:49
ValidityFri, 07 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/606dc316bd12e800113ca177?lander_id=f71017d58f7dc15674b0bce93a8d7970 HTTP/1.1
Host: track.landerlab.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 30 May 2023 19:58:45 GMT
content-length: 0
cache-control: no-cache
set-cookie: worker_cookie=N4Igdgpg7g+gFgSwC4wQExALhAZgGwBGADAIwBMAnAIYC0JEVRNALDgMYQ0EVsDsNRAgFYhvam2ZCizEABoQANwQBnZKgzYAHBBLEKFJkLKbmLNjhw0qeNkJpCcVMnzyESaPHMUq1SBAFsIZSQqfwAHLBAyIjJLIjscIgAVEgpMIU1MSQA6XkSALS8lVSQAewAndUi2PAAzIWsIOzxdfmYqNAIrMht7ITQidiaG9i82ULCqBABzMCrsPCI8NHMSQjRyCE0iUhJ2KhJeXi8wUrQIGDY4KbAsAG0AXXkVGEgoLFqqABtlCABfIA===; Expires=Wed, 31 May 2023 19:58:45 GMT; Domain=track.landerlab.io; Path=/; SameSite=None; Secure
__cf_bm=ZHRLnSS7CoYqL79N0w2LIQ2MWmFAmKqlpSvyjtKXLnQ-1685476725-0-Aag0kFLI5C9hocVVTFGvAZnlU5IpyJYzzkvYY8dw9HEIhF9nOXIh/CSkgKQUi9EP1iY9mvsstXJzZAAJxHobUHI=; path=/; expires=Tue, 30-May-23 20:28:45 GMT; domain=.track.landerlab.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dbfcca1b4f4-OSL
X-Firefox-Spdy: h2

deefauph.com/zone?&pub=0&zone_id=4188429&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest

139.45.197.251

200 OK

0 B

URL POST HTTP/2
deefauph.com/zone?&pub=0&zone_id=4188429&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectdeefauph.com
Fingerprint31:9A:4F:89:02:91:AE:2A:8F:3A:45:32:15:99:BC:91:72:5F:DC:02
ValiditySun, 21 May 2023 05:15:27 GMT - Sat, 19 Aug 2023 05:15:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=4188429&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://happy-u.vip
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 19:58:45 GMT
content-length: 0
x-trace-id: 1db0bc27bc9e236c71d2c7d6ffbe38a3
access-control-allow-origin: https://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

deefauph.com/pfe/current/micro.tag.min.js?z=4188429&sw=/sw-check-permissions-b5194.js

139.45.197.251

200 OK

15 kB

URL GET HTTP/2
deefauph.com/pfe/current/micro.tag.min.js?z=4188429&sw=/sw-check-permissions-b5194.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectdeefauph.com
Fingerprint31:9A:4F:89:02:91:AE:2A:8F:3A:45:32:15:99:BC:91:72:5F:DC:02
ValiditySun, 21 May 2023 05:15:27 GMT - Sat, 19 Aug 2023 05:15:26 GMT

File type
C source, ASCII text, with very long lines (42013), with no line terminators
Size
15 kB (14803 bytes)
Hash
08e98e4f47791d72e641ff48532dc235
a23e14bf683483b3c529d524ce3baa0e01f5291d
bb6886cb97046948e4ec675547e499fd99fe80b42584a8f93e0d0335e3d0103b

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=4188429&sw=/sw-check-permissions-b5194.js HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 19:58:45 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:17 GMT
etag: W/"6475f019-a41d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

unphionetor.com/vbl?t=74797&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL POST HTTP/2
unphionetor.com/vbl?t=74797&bid=undefined&aid=undefined
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectunphionetor.com
Fingerprint4B:AB:04:0A:B6:60:F0:0A:CD:92:AC:93:15:79:CF:21:57:6D:1B:97
ValiditySat, 18 Mar 2023 19:00:29 GMT - Fri, 16 Jun 2023 19:00:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /vbl?t=74797&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://happy-u.vip
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 30 May 2023 19:58:45 GMT
access-control-allow-origin: https://happy-u.vip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 617a47943665905a5d19248b8da8b5ef
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a&ttl=&rurl=https%3A%2F%2Fhappy-u.vip%2Fbgv1%2F

139.45.195.8

200 OK

43 B

URL GET HTTP/2
my.rtmark.net/img.gif?f=sync&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a&ttl=&rurl=https%3A%2F%2Fhappy-u.vip%2Fbgv1%2F
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=67c006a00db193d37627fba7e3ea754bf5ba407dea3b822db9bccd1950a8556a&ttl=&rurl=https%3A%2F%2Fhappy-u.vip%2Fbgv1%2F HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 19:58:46 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c2c9e065bcfe4ca2a1dc65c6c615717a; expires=Wed, 29 May 2024 19:58:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

445 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (332)
Size
445 B (445 bytes)
Hash
d39546249a86d29697ea6b389afd84f2
244ce5f2d9a3e80da843e527f35cae0b9d9e20be
ba339c9812783530a739e05b9bc0ec254d9c22eb13779e8e5be5860a192f8c80

HTTP Headers

GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: 17805
rule-data-version: 1
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2023-06-30-14-14-56.chain; p384ecdsa=KLGuHllPxNzwS6QpVeKMxqoL7ar6NNwifogHeyEmpwW4aEGsG6dYdT8qCxIV46dAXzonPXCRx_SDNA0kUMMDXqA8kEj8FrPN36LBcDfPlGNmC9zvmbKXKHOMknlMoiil
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 30 May 2023 19:53:11 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 445
age: 352
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

happy-u.vip/bgv1?cep=X5dZ0I82xKJW3RWtCHFpCC4A2bGOjdYMsPORxAaGmEPxxGqmVPKz2VHPYAj4V8XDXdoINOAKNr1soGqsEhUMK6g20aV-DQSg23YFrm1Wwt81O6FbM7ECk8qzTQyDiMUlgUEHAykWZTLMmV99Sg1Imvg-JfN4EuklmfiJ6bb6Sx1VwSSuI69IiccipPVIGZaetzTkurkIqXB1wcltjsEQ-D1_T6FxS5JQyvkKGeXYunqzVL3WI5Z3yUx1fbNZQVCY0vx--ZqC43Xf2_2bPFoEW0W-12l916Bpi7J9X2gvOzX4pSgAgZ8vXbjAfTt7KlgO_HQHpZcSgjlawJCFNEa5nuTKGw6kh8iZ1JwgvreCT6lZ98M6WmIvranEz3-9oSP2JUO8aWz-X-ydvLf2W3voRg&lptoken=16df852c470a85cd025d

172.67.216.132

302 Found

15 kB

URL User Request GET HTTP/2
happy-u.vip/bgv1?cep=X5dZ0I82xKJW3RWtCHFpCC4A2bGOjdYMsPORxAaGmEPxxGqmVPKz2VHPYAj4V8XDXdoINOAKNr1soGqsEhUMK6g20aV-DQSg23YFrm1Wwt81O6FbM7ECk8qzTQyDiMUlgUEHAykWZTLMmV99Sg1Imvg-JfN4EuklmfiJ6bb6Sx1VwSSuI69IiccipPVIGZaetzTkurkIqXB1wcltjsEQ-D1_T6FxS5JQyvkKGeXYunqzVL3WI5Z3yUx1fbNZQVCY0vx--ZqC43Xf2_2bPFoEW0W-12l916Bpi7J9X2gvOzX4pSgAgZ8vXbjAfTt7KlgO_HQHpZcSgjlawJCFNEa5nuTKGw6kh8iZ1JwgvreCT6lZ98M6WmIvranEz3-9oSP2JUO8aWz-X-ydvLf2W3voRg&lptoken=16df852c470a85cd025d
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
data
Size
15 kB (15085 bytes)
Hash
8352611bdec1d84cbfdb16b12218e31b
64d14ea83db823b43203fabe49152d5aebb3a46a
247c8260c6e67c9c74871ad6524a63e6f91f39d307ec36b7a2151b914964aa87

HTTP Headers

GET /bgv1?cep=X5dZ0I82xKJW3RWtCHFpCC4A2bGOjdYMsPORxAaGmEPxxGqmVPKz2VHPYAj4V8XDXdoINOAKNr1soGqsEhUMK6g20aV-DQSg23YFrm1Wwt81O6FbM7ECk8qzTQyDiMUlgUEHAykWZTLMmV99Sg1Imvg-JfN4EuklmfiJ6bb6Sx1VwSSuI69IiccipPVIGZaetzTkurkIqXB1wcltjsEQ-D1_T6FxS5JQyvkKGeXYunqzVL3WI5Z3yUx1fbNZQVCY0vx--ZqC43Xf2_2bPFoEW0W-12l916Bpi7J9X2gvOzX4pSgAgZ8vXbjAfTt7KlgO_HQHpZcSgjlawJCFNEa5nuTKGw6kh8iZ1JwgvreCT6lZ98M6WmIvranEz3-9oSP2JUO8aWz-X-ydvLf2W3voRg&lptoken=16df852c470a85cd025d HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 30 May 2023 19:58:44 GMT
content-type: text/html; charset=utf-8
x-amz-error-code: Found
x-amz-error-message: Resource Found
x-amz-request-id: GH4S5HG5KFCHG561
x-amz-id-2: fbAm88wFvCi817a1R4WfhaZ3GV6vzSGTc0Tn3RGlfvM8vb5aziE7hxFdcEMY5hFwHlqG9q2FwHA=
location: /bgv1/
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L66ZXeCT8r4kg09k5MyzTrKspgr%2FYQze9tGfd2oU%2FVRZr3UVEcqM3uLqj%2FiNiNq7iaBi2Ff%2FIexKVAXRMLL09l2OIpc3MEaztHcZKVOxdOhC9HLNREtCBJFTU6buAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98db77e09b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

62.115.252.113

512 kB

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.113:0
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

Detections

Analyzer	Verdict	Alert
VirusTotal	0/60	VirusTotal -

HTTP Headers

GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Last-Modified: Wed, 24 May 2023 20:52:50 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1684961569.84930
Content-Type: application/zip
X-Trans-Id: txa73051eac09b464dbbbc2-00646fbb00dfw1
Cache-Control: public, max-age=59674
Expires: Wed, 31 May 2023 12:33:37 GMT
Date: Tue, 30 May 2023 19:59:03 GMT
Connection: keep-alive

happy-u.vip/bgv1/sounds/win.mp3

172.67.216.132

404 Not Found

2.2 kB

URL GET HTTP/3
happy-u.vip/bgv1/sounds/win.mp3
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
data
Size
2.2 kB (2241 bytes)
Hash
197141c374bc845755e41db9b23a71bc
7f9f89564bec36dd54e237225aaf97f2fb3d1094
21813b427c10827ae2b21ae1fbcce2da46ca94cd66a21709a42af6d169cb9156

HTTP Headers

GET /bgv1/sounds/win.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 30 May 2023 19:58:45 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: Z4KP3PPQ2GHSF1EB
x-amz-id-2: 1MCziYOOHdp/954e8x9RD4Xh5wE6wMnR4WyJlkYyKKKPAY0RvqLa5w1WAsnQC2a6qWfEE/uxGqk=
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFwQUokMcgFUx8yU%2BznQT%2F%2FOn1qy1ywb%2Bciy3ksQrkL8vMinZLdjScJ5x%2BDyrIydsMeZ3iO%2Fc2F34E1chFWyI4nk%2BalVqds%2Bk4xsnjbF0B%2FOFTap6uvv0gPRb09S5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dbf0befb517-OSL
alt-svc: h3=":443"; ma=86400

notix.io/ent/current/enot.min.js

139.45.240.92

200 OK

91 kB

URL GET HTTP/2
notix.io/ent/current/enot.min.js
IP
139.45.240.92:443
ASN
#9002 RETN Limited

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectnotix.io
FingerprintAD:90:FC:08:2C:34:8D:1A:3B:A0:E5:D5:FE:AA:36:3C:5E:DC:29:BA
ValidityFri, 14 Apr 2023 07:31:04 GMT - Thu, 13 Jul 2023 07:31:03 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (90970 bytes)
Hash
02dfbbb80b22a52c6cdaaeeeef0a8d4a
585a49b7ba0fc697d1d8f6d75a0a9924c6127e1d
8a969554eb2a66662463b4d9a9ada451da48206471e9cf3cc7d8d02fd287ebfb

HTTP Headers

GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 19:58:43 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 11:07:16 GMT
etag: W/"6475d8e4-1635a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

fbrewards.com-sna.pw/uk/1/like.png

0.0.0.0

0 B

URL GET
fbrewards.com-sna.pw/uk/1/like.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://happy-u.vip/bgv1/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /uk/1/like.png HTTP/1.1
Host: fbrewards.com-sna.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

happy-u.vip/bgv1/sounds/alert.mp3

172.67.216.132

404 Not Found

356 B

URL GET HTTP/3
happy-u.vip/bgv1/sounds/alert.mp3
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (370), with no line terminators
Size
356 B (356 bytes)
Hash
9117af08bea0c71bc8d48258f619e741
075334cb41054febf6922943ce11c970b464f9fc
df3e69b79e329e9985dcd0f4c455709370cb3421f93a90bb67550477e1888456

HTTP Headers

GET /bgv1/sounds/alert.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 30 May 2023 19:58:45 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: Z4KM3NTBE98G2479
x-amz-id-2: 7J097IppuZOalw82AFj/C7Ux4Y6NUh/B1NZuRPfHsxrk2asQp79tTa2gPJiNx1WQ5GqEjeki/gg=
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeuSIbyHr1xXEBElnQqIbFTXk6t8hjTspM9RGYfWXfjjin2PuW9hPD1CRFiiwLh5IK0hFSgB3Fnzos0p3i97HfNP%2FFL%2FRwBGG%2F9WoW3jLVnIniuGt6yvBu1yR6SapA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dbfcd09b517-OSL
alt-svc: h3=":443"; ma=86400

happy-u.vip/favicon.ico

172.67.216.132

404 Not Found

346 B

URL GET HTTP/3
happy-u.vip/favicon.ico
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (360), with no line terminators
Size
346 B (346 bytes)
Hash
3d8e685e292133fb10f74517680beba0
435c8c160b720f157cf70b2189c58889e3988fc4
5e3e688f7bbff15c3a5b9e1d8dd5beab2e5179f052e4f413ab5e5a4b3ed363c2

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 30 May 2023 19:58:46 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: M2SMATTWTRYE6QN2
x-amz-id-2: FtVgrN8zjYV8hIdPdqE4xiOQxOPkcu9s9pvx/iJZZkWbRQZOVWBEN29tK9Ls2HE8lLm7ZcczMaw=
cache-control: max-age=2592000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ck3t1m8rYffJM%2BY3HEi9QjMjN34bhmXi4ILvAH1y7UcArLbRvIN6MgNeZi00fsc6GI3M%2FLPxPxFstWfSGJToxbljiEa19UnyBjWYrFgfqZki6UEUx3sUmbqsY%2FV2Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dc12f73b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1/sounds/spin.mp3

172.67.216.132

404 Not Found

355 B

URL GET HTTP/3
happy-u.vip/bgv1/sounds/spin.mp3
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (369), with no line terminators
Size
355 B (355 bytes)
Hash
153f489be8b79f2a9524f31fd99d2415
e0767e932001ed2d835a010c7235ba1f813d18e3
aba3c528e60fe3348c6cd3225a3bb1da7b3cd65eb629a759358b01cd5000d1b3

HTTP Headers

GET /bgv1/sounds/spin.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 30 May 2023 19:58:45 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: Z4KQ0614E73PKQ2R
x-amz-id-2: 3teGTHEXwucyYCYkNko/mOD3j7r4UiDvM5A7DYEH5nAmQJJR0rcL3QvUjBFxePBv9E2SRFRK93I=
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUIgSfUXYJvgX734vOvdDBP8%2FUmWiTx5%2FWjsPkB2yPPqjUySVuWiFuctHJ8CYy6ZxPAk6p9zmExbXh7D1pTOgiiN%2F%2BisVQ0pC5oc5h2pyUO%2FK%2FbdQbDDbH%2BTEBEzaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dbf0bf0b517-OSL
alt-svc: h3=":443"; ma=86400

walter-larence.com/hp

18.193.146.82

200 OK

382 B

URL GET HTTP/2
walter-larence.com/hp
IP
18.193.146.82:443
ASN
#16509 AMAZON-02

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjectwalter-larence.com
FingerprintA1:D6:19:32:C6:A5:F9:A1:F2:DD:D1:48:A3:0E:81:64:B6:E2:1A:1F
ValidityTue, 30 May 2023 05:56:50 GMT - Mon, 28 Aug 2023 05:56:49 GMT

File type
ASCII text, with very long lines (391), with no line terminators
Size
382 B (382 bytes)
Hash
66b640747c41d0de4a0695e927f8f2dd
4148e7a11455d6f34c77006a8ac4f305213554d2
5dddf41468e23d8e2c6c475a5ae8a2a27f390e713b7794347e8620e0bf16ea96

HTTP Headers

GET /hp HTTP/1.1
Host: walter-larence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 19:58:44 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2

fbrewards.com-sna.pw/uk/1/arrow.png

0.0.0.0

0 B

URL GET
fbrewards.com-sna.pw/uk/1/arrow.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://happy-u.vip/bgv1/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /uk/1/arrow.png HTTP/1.1
Host: fbrewards.com-sna.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

happy-u.vip/sw-check-permissions-b5194.js

172.67.216.132

200 OK

566 B

URL GET HTTP/3
happy-u.vip/sw-check-permissions-b5194.js
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
ASCII text, with very long lines (605), with no line terminators
Size
566 B (566 bytes)
Hash
49e53cee37df12d1a66a5555f9c27e64
0fd8f141632686068351e9310977a0e4c09e68bd
57d80fcdfa6e6acd9340424e35c28e1b57b11fd2c6b3840450069c223ed6a02d

HTTP Headers

GET /sw-check-permissions-b5194.js HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:46 GMT
content-type: application/javascript
x-amz-id-2: kTGZbM48sejeAqrfzb6pBkFQpdbBsONn3p8iL6SvRhnYD59ydB0M7eCs9Kypt76gQFzOv1vZZII=
x-amz-request-id: M2SW8TW7Q72B12Z1
last-modified: Wed, 24 Aug 2022 13:58:18 GMT
etag: W/"bb22980f2fbb3a67defb7d8a6ddf1635"
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62A1NO4Xn0gVhiLDFkc1rHzxtT6ahhDUn4XBSx5eKjDW3ezg59ZvoW%2FTPsKxYPl8eQQ5MTnH7tI8yL77mgklgoBLNqrMpTRP7TeWF9sgt6terI3Ia7cq4eva5wyapw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dc12f83b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

happy-u.vip/bgv1/

172.67.216.132

200 OK

39 kB

URL User Request GET HTTP/2
happy-u.vip/bgv1/
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type

Size
39 kB (38754 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bgv1/ HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: text/html
x-amz-id-2: +q0P+d6oZm+FG2JGDn3hKZ7qCIvXZECDM8I7zbneYvOJSgkFzaCcRgvFb8v07OqSwS0PiEDYrDU=
x-amz-request-id: RTGP603DZAVWP1WT
last-modified: Wed, 24 Aug 2022 13:58:23 GMT
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN991h8jXrD7IRsy2fjP4lIiESvDj5ibmgGZoH1EKB6%2BULo6QEMuX7oXRy%2BMnhIGx0OhyJnX%2Bbxe%2BHcPzVZQXhNqwx%2FO58Tn6cD1JEMsCkLQVTQlgaTRqn0OgC2Xfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98db82f99b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

happy-u.vip/bgv1%2Fcss%2Fs.css

172.67.216.132

200 OK

8.1 kB

URL GET HTTP/3
happy-u.vip/bgv1%2Fcss%2Fs.css
IP
172.67.216.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happy-u.vip/bgv1/
Certificate
IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint76:50:CF:F7:E3:0D:3F:74:D4:93:F5:CD:7E:1C:82:66:CE:04:19:3E
ValidityTue, 02 May 2023 01:32:03 GMT - Mon, 31 Jul 2023 01:32:02 GMT

File type
ASCII text, with very long lines (8606), with no line terminators
Size
8.1 kB (8130 bytes)
Hash
a87fccdba357f75c3027ef559f508a15
a98ce46ae3d5374923fb079c81a4810e4c4c3b29
23f90e1f90355fb304cab2835a9337765f5b8fbf475a661017f98c6f10c7e799

HTTP Headers

GET /bgv1%2Fcss%2Fs.css HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/bgv1/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 30 May 2023 19:58:44 GMT
content-type: text/css
x-amz-id-2: fSAGzRejfMpm9m3pJTK6v4E/YstDZfnIewBW/QLwolyBMjoD1/BPIZPnDcTS7qmr0B7Tj4BbFbA=
x-amz-request-id: GH4SH3Q52HS4SHGY
last-modified: Tue, 14 Sep 2021 10:23:04 GMT
etag: W/"26557b7cc6a3228ebc4b17921ad44ea3"
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA92TQQBapMcmy4I4037pP1NsrcxCaCiZFOTr93UHFWPpI8%2F1GSBt61uq6FxGwgJO6KHiPtUhhKjZomFFN0dkPuTgfG2r3Mt13U%2B8HzKMxJEcmuPNcQUF%2FUoxp149g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf98dba1b58b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (16)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN