r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2770
Expires: Wed, 11 Jan 2023 08:25:59 GMT
Date: Wed, 11 Jan 2023 07:39:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5736
Expires: Wed, 11 Jan 2023 09:15:25 GMT
Date: Wed, 11 Jan 2023 07:39:49 GMT
Connection: keep-alive
www.basichiccup.shop/hbrka/rhthr3165cmwhpe/nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
188.114.97.1200 OK 538 B URL HTTP/1.1 www.basichiccup.shop/hbrka/rhthr3165cmwhpe/nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7941ac21019e9cca3f0da51b2faf6372
3194d332bc5873fb4d8af739627d63fef08ed5c6
79315c6f5c89feb14ed26e0f25c94a160e177f417bdd464dccb1ca5d244f7d11
Analyzer Verdict Alert fortinet Phishing
GET /hbrka/rhthr3165cmwhpe/nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEijmUi3066DQN6kDYkabj8R%2Bs37%2FYrLOvjjP393vhxxC4e9yzofi8DdMdFJod0aFWdpnRwMsn%2BaqMMEIwyfCVfGzPkpv7edxwHqO9Z4dl09QsP08Ey01cslCBjFfg4js37Fk6hTCg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 787c00310fe40b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 06:48:34 GMT
content-type: application/json
age: 3075
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8ccb7b2b89aec333fabc04d37337892
c2a13a42c1bd0cf7ce68d9c13b3d6ba1044b5283
75fcc3ea090454e3489a131b70ab50798fec6a08664745027d7a1cf62c6aba28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75FCC3EA090454E3489A131B70AB50798FEC6A08664745027D7A1CF62C6ABA28"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4010
Expires: Wed, 11 Jan 2023 08:46:39 GMT
Date: Wed, 11 Jan 2023 07:39:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g+yEFVU2B3u8rf5e7Rmxo987X9014XVPwAB7cwCy4lkaWWTK66ufBDL/FXUqY3299llUvGODhmI=
x-amz-request-id: WMCK8CSG23B1C40T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 07:16:57 GMT
age: 1372
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 07:39:49 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39e74fee23bd195e2926cf5241f2fca5
a3361a128141f84053b85994e1a3b2f3e9c9d979
aaa2168872731f90ab7c5d5e98dc17660973582d1b157f4e4a3be4939e99b7e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.8200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.8:0
File type ASCII text, with very long lines (1759)
Hash 504e9f5a727349378b552e9396982e7c
231c9ab7c041704cb82e23edb5a36bd6feae8472
c7acd88037ae80743e5f56efef593dd7709c65ba6fd535ef973960141b3f3f28
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 11 Jan 2023 07:39:49 GMT
expires: Wed, 11 Jan 2023 07:39:49 GMT
cache-control: private, max-age=900
last-modified: Wed, 11 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39e74fee23bd195e2926cf5241f2fca5
a3361a128141f84053b85994e1a3b2f3e9c9d979
aaa2168872731f90ab7c5d5e98dc17660973582d1b157f4e4a3be4939e99b7e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.basichiccup.shop/jquery-1.11.0.min.js
188.114.97.1200 OK 33 kB URL HTTP/1.1 www.basichiccup.shop/jquery-1.11.0.min.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
Analyzer Verdict Alert fortinet Phishing
GET /jquery-1.11.0.min.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/hbrka/rhthr3165cmwhpe/nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:59:06 GMT
ETag: W/"63a31f3a-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cu4%2FeQwS2GufRICecQz5%2FcaroAHLKwx%2BtJU9ULqvcNsHfJax0f%2Bf0QUWiAc%2FwpNvKNKfkDgGXEUQE7FQIiSRZZfTV7AUUEFA0jLs7XAlEGOeBHiy26qWJ5OKO2Pa9cO2lGi0CGkNmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0033ea610b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/offer.php?id=388&sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
188.114.97.1200 OK 334 B URL HTTP/1.1 www.basichiccup.shop/offer.php?id=388&sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c5433c14e5e34ff02064eb743a3a1130
839ada71ed1087dcf7809ea6686e41ad25cc9d43
f1bce9ebed0ef1d9bfa10f676a43d3cc5eb42ed80934edb86c67a6ee58004679
GET /offer.php?id=388&sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/hbrka/rhthr3165cmwhpe/nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPuiqjJ90DFMW3WwiFVgHkgrzvGe%2Fb1JVNhHI5dQ6D0QpZm9WzweLyHTSyGENhJbRHUH50sTcwWhtLIKxDZsySAEuF2w5jYOnvmeQwhtOcO1UM0vTodnIu%2B00P6RxJvPJmYKdJExsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 787c00355b7a0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 07:17:24 GMT
age: 1346
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a831a999b5e598b4e9f4e31e8054ca7c
9971a4a806f48777ae6d9525085d16d0c6314c51
cdffa8dd48e75baa98670f82dfac2b3948667ca32dd93f469d2cd49d3a58581c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:50 GMT
Last-Modified: Wed, 11 Jan 2023 06:34:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
188.114.97.1200 OK 34 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33268), with CRLF line terminators
Hash 6bfcdaf198853627a31bcf9afb74a4a8
740ee4d5d1025d5353f1efeaa05540ccc4c438e1
f62d880bdcf652700d51a9b9a1e71545247426b047a768c309e6bab9c916df53
GET /clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMOqqiexVKa0gpQcEn01j5ksujXHcHv9AR0KzIWglBs8TmCUiCmmNxy9GM%2FRsBfqPvNfDwVbU8Jic47nWVdpfT72Ju1I6m1ktVUgUeH76CDb7ZOf9X0imr7MHcJ8Do0q6ORY0%2BqTCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 787c0036bcec0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/66dff31435.js
188.114.97.1200 OK 4.0 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/66dff31435.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (10594)
Hash 041ae29c4f9228e9fc628393b842a669
50e9e240d10ebda23ffcae1038f651a6a3f867cd
4832f4c06c7bc1b6dbadaabd2c46522345c8d6a95d0411a2a0a1bfed61be00e9
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/66dff31435.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-2b10"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XF0We6OwDz9muSIyyOelOdJCoQeyVkGfxTeendQzHwdUuaew7Vzg8UhraJ2tnmRH92z9MxJ%2Bl%2FdzVIaRlIQQlhwbAqrmNUDvJc9IVB%2FpsFgqTV97Dd%2BvuZ08OxNbfgxSLAb4QNF5XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0037f86a0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/gtm.js
188.114.97.1200 OK 41 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/gtm.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (6433)
Hash 12b2ac17b6e6735d17a48444dbc3ff0f
abea39270e05e0a8f22a558fa8e0bec56da8df10
8a42096f2579983fdcea2031bb337003ec0ceff9f1e34782386fcd197c894bb1
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/gtm.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-1ae91"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPZ6vXs99B%2B4wlrjMKZzCUN0X1XwlNCQFPbfzA7kLQlzH%2BjhXA1LVEUzMgBC7AjRfMjmbu52uhX2iAKPQoJYxOU2V215snQrvYzaUoWT08rciQXzfsMmnE9yacyDEmKvwMjAYkhaVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0037f9631c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/analytics.js
188.114.97.1200 OK 20 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/analytics.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (1325)
Hash 591d54bd92cf26b373257e9fb7a33f6b
a55b132ed25dee24900bf1d4672336ae640f22c8
851e9a6d089fa3f28cae238a77546d6e195f7148c8930e40636668d66b294fb0
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/analytics.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-c41d"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eW%2B240chC4CB1EIA6z%2BR4Zn2XbF3Ffoi5DZynYtVz6i28zbq%2FDXY7eWzy8viwk6%2BqNyL2NphA%2Bc54xusEee9rbRWBkDcbeti2pK4RVCP7JHrKUD8LIol0BAUEp7%2FMNxiXtYvM5fZIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0037f987b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/fbevents.js
188.114.97.1200 OK 26 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/fbevents.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (64343)
Hash 607fd0796037f5273840bd18de1ed9c2
03c73fb568ca20c59e4be006b883c3ba6e2eb4c1
484b53e9b3915beb71154f7b6efbd16e78a186ff7b2df750dd5bf5793e79fc04
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/fbevents.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-18de3"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPWz8bP2HF%2FlZn%2BzIvk4NSJMiRTOb5q0l0QfDYem7vxUOCZYrGZ0iSDRtuE6HY8xAebgTeGVsW6cVJ6yo3r2tclb0OLZwhuZPMNqZpbT1Ki%2BLPRLCk9LqGrWixkyG1FkFHlwns7uqA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0037f863b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.238.3.246101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 00VWFXZF5qV07m+oU9Oikw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n70UQAsQf8G+LJykE7MMUjV82rU=
www.basichiccup.shop/clicks/SleepConnection_files/wp-emoji-release.js
188.114.97.1200 OK 4.6 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/wp-emoji-release.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (10927)
Hash 44c878a68bd7aee913f82be76ab6c47b
69019989da92b51b397150ff0f6d334e1d4a63b6
e660f8e44094df53c821629ea6c3eee4456977ba9a7b01f5dd14ca304f835d2f
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/wp-emoji-release.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-363c"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6R5dMv2rWXg2VsZOnBl6j9O%2Bfuluy1Odn%2BnNY6xoAepjd6R4Lel%2BEEIIrm0%2FYTeYjQHDnoOy1LGEPs3SjuSBaXmUp6eF3o4lXpADurGOMXAgMuvR1KkvM8Wcxt%2BugQmkBdv2eLidA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00388e430b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/elementor-icons.css
188.114.97.1200 OK 3.2 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/elementor-icons.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (15953)
Hash ad40df06eba02b545cb2525a55735458
cdbf89fff534116a0e15cd7866741fd759678055
bddd06f3e866f1858bada4998396eb893b10747b143160764bf3660c164fd46d
GET /clicks/SleepConnection_files/elementor-icons.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-3e7e"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7vip8WixSl8RmbM20uctPTIRxodhrufgW0zRSliZBFCVkCGknCdrDBzy6JABqv3dWDA0zmKYJRUlzsCkfF9xIvpIRNyasQ2BbuImqmkSgYv7GFTyui%2BwpFqCTqOIxh8fQ03HGISRw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003979510b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/global.css
188.114.97.1200 OK 735 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/global.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (5563), with no line terminators
Hash c5f23c6ef2a7d927c8724971c8939e77
5e61db142a486927d03fb9b23e451d6e7075fd08
5a6621f0377cbfb199a7f69e8b9d9f0f6b5141202a4596fefa33b47c2b80f29a
GET /clicks/SleepConnection_files/global.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-15bb"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BYsWB1XbJjj4QGtWG4ancW%2BEmJparK7uOmO6vum6j608oB%2F%2BO6ZGlZFM4wEvoZ1VXRrB4HuMuwGRiJkWQir7Ry2tIUJL2VYWsL1geHRXTRZ1Yz6A8y%2FqoTlF%2F2edbCMWO5TKGR6yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0039ca33b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/animations.css
188.114.97.1200 OK 2.6 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/animations.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (10019)
Hash 4c70bb5ced8549969c4fd5763e3ac298
20cb3c388b2e002b67b3d0f3b4be087b16d19976
f28829988ee5fda24ab97ab7f0a729e5d1a11a047c39f2947905f0d33ebc217f
GET /clicks/SleepConnection_files/animations.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-4824"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujz2Z4sNz49OBa1AKtUOSGghTNBCFOQUkQw5aToJ8hJX8DAVBDEIno5HaqHFqfRuyHPh%2FNQNLSuzxWkl%2FkR5CQvvuf3Nq%2FJFQOn03pIkbMmvKfP%2BA6lGQZQjsEWziMX8NkYC5P0buA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0039ba781c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/frontend.css
188.114.97.1200 OK 15 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/frontend.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (65497)
Hash e9ef55aebe6ca19f48dfcecdc316caa6
e62870eb7afa73f726e9f5c08f167b03c0faeb3e
417104224b65d31437ca24b3da6523d98f00dbd71a18e79ab10585beadfd9763
GET /clicks/SleepConnection_files/frontend.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-1ad98"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGgY6uE3hHRawjn6kiXzQzlS7RbbMJdLUvfQG8qGLkUCeKvgwo%2FDOFYwUFX41%2BY8mTVTyeEntS2CCq2kjXEM6lrmIb9iBI6H%2F5PZp8kHYLDk0XGVkrs8fWgTHUT8pw72lEp4xpuosQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0039cb4ab523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/css.css
188.114.97.1200 OK 2.4 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/css.css
IP 188.114.97.1:0
Hash 884c85855318af5f3de085fc932abffc
853b1fd29bf048269fb901affb0f3788f3a81171
83f663802b04684ed114a74bf6b60e527b692992414bd998d1de4a728241d77c
GET /clicks/SleepConnection_files/css.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-13168"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXXqn2Cz4Ta0dI9hjExKz0W0r3SxJdQR8VY47qLo%2FgUh8wFsvnVXYWqrohYtOqoWB0PvgWiSUmPAdLtXk4182y18NzMP4JHsSQA%2B1vUAd%2FVjDFR7A2X9C%2F7sbO8V3Yp9gKgfTWZ8BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003b2a710b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/post-410.css
188.114.97.1200 OK 1.2 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/post-410.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (9730), with no line terminators
Hash 5494427e8081d127e03068ab214cdd79
c535cc9a4e1bae020dff6819103595a4e209a21a
d83ae29d6cefadcfd2c6cbc761bfb6241a9d735a12f20dd2cdaa3334e2395471
GET /clicks/SleepConnection_files/post-410.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-2602"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPNH%2Boplid7Td2AVn5Xg7US%2BoQAdbpy2fJIbKAuC3lxgRKail1D9tuUOh%2BXEkGRF7sc0MAciT82PzcJ8c2mf75iPFQwnO7ZtSTQ2vTISBQRe79kGfPnSRBk0bH0ua272NCsDoXNe%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003a4f890b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/fontawesome.css
188.114.97.1200 OK 12 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/fontawesome.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (55567)
Hash 8a241f544ae834a548c776771d6294f2
50a07c5332016e43376fc40787fd714cbcaf9e6b
a0a44ccc9ac1247f99329c0a99884d603bdc76325d0c7da984322856bee50b2c
GET /clicks/SleepConnection_files/fontawesome.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-d9c9"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ioZdfkJAERa3Ae3q8MLJQtOnBVOqLiloQrLqv3SRW3q8f%2BXKWhMM%2BgVXWlKc1eSW%2B%2B3w5B6rqjt%2FxVJOVaAEFkgvHUOjTJgFbnWYBxD0hxhX287z%2BTA3UHmLneTFDlb%2FQXSp%2FYYJw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003b3ba7b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/bootstrap.css
188.114.97.1200 OK 23 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/bootstrap.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (65324)
Hash 2411ea3d851ca16338935ed676888a64
7de43ac6df911ba972b49642e45972f6ecaee5d7
b06c09e2d8d125398789b58ceeb656ca1ea51be18a09c4a261aaf4bf2db29521
GET /clicks/SleepConnection_files/bootstrap.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-2606e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghuLo7vvqNJxoJ1XFnwcx9GkwpFCF8DGkP6g8dqzkoPH%2Bbv2KJu15riqZlJXpBRVFmNsaCDQmcNgdXZDWJoCHzW27qHNlgg3cJmV4AhSXhzXFggNz5C2dabynCsh9SYKULxlL8ED2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0037fd06b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/style.css
188.114.97.1200 OK 1.0 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/style.css
IP 188.114.97.1:0
Hash e99b51ef4084cd73f88cb7a91d894af9
d092923bdf3e3625fb1c7d5447825afe0ead22a1
b04c604b656626b3f8952e397e0516851e219d246f8838337b7a7b1235285e91
GET /clicks/SleepConnection_files/style.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-99c"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTMHkEc6CuzYJpaykpRXKEKw3x7xyOYChaE6nAqkO9GByMGxxTxQYTJeGDCm66AUX4P81lQmaWhuIwy%2FfAFkzYnyiywXaSbzS5LIBNEPNqcxv5FrM3%2BwlnCIePdDhgrj23aEKS5p8w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003b7d66b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/solid.css
188.114.97.1200 OK 310 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/solid.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (482)
Hash 75cef4c54b9c37dc12391dc73cb9c622
c686bbae4186b699ca8bb902454b029bbd19ef49
a0df25312489d04feba47689c98d964cebd39150489bc0a4ed257465bbb67274
GET /clicks/SleepConnection_files/solid.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-29c"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXqfgQxsurx199UraWgc7VhG8ydfvqDanJIFHHtGfiYxDhfQi4fztKFs%2BAY%2Baja%2FGqLZCzSdczAFG%2Bnk4j7veNZ24PpNmD6WYK54Vem5KnMavnIFx0sGEjvdPwzZBIKBDiuw7scGqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003b6bd01c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/jquery_002.js
188.114.97.1200 OK 34 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/jquery_002.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (31997)
Hash 81b3900d90d25a6b8f3b58ceed629450
52b5b6fdccee288955712e7a82165351777ea6b0
3c799d9165bc9380b8274968eb72f1ed898d50ea75f41fafe9c0f3638f228781
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/jquery_002.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-17a69"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEW3qzrlz6YGkvXVE6LRcY%2Fud7arOmy%2BkVEcKAuZGy22iFyyaAIQdx2SPWXwBlJxoxuTy5%2FAW2IKeq7eGbsw2oW5oJBIk7MxyHrCAXniZx4vS46b%2FiRbqfPNt1Q%2BN2xi40sqK6AFjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003bfb110b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/jquery-migrate.js
188.114.97.1200 OK 4.0 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/jquery-migrate.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/jquery-migrate.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-2748"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nglJpoAQZKB3ceMROt0igEjnoW1gyM3KniJLSc8vDdpVpzIRxJpC5YRRaVnyo0W648EDvcTSdbEvn2wOcbTgbK22DHTg2yGIJWAHmAeoegPXEbiSKN1kn27igbNiZuIQTeiU25z4XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003c08d70b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/jq-sticky-anything.js
188.114.97.1200 OK 1.9 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/jq-sticky-anything.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (7245), with CRLF line terminators
Hash 8003438bf997fd9277a159076354cbe3
d52b0a136d663c7fa7c66ae6377a00091c7a92de
1d9784d5466546a791423ce807992fc61af9f486fc4ec8b20e7d02e3648997b5
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/jq-sticky-anything.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-1cf2"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcfoPMjOV7rddzKub9EsH%2F%2FPKH1FIAq3x4mw0sjoyVweLU77ltx%2Fr7mzfQZwpb4EhYszHBTRD5OhmZ3eu4NsRnktBbK2qksgqtXqy8lmE4gYTkGiFXS6lqH3AkNAYWgFr%2B6nS%2BsEkw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003c2ca2b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c61b68fb64b61b18c64e850a0803b790
fb2bf2ef573e4e13f18342a77d0c772dd09f2496
1328ac3b55031c88afd277995d3029ec20ec197061c8d3346c31981385bc73f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85850
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Etag: "63bd1421-117"
Expires: Thu, 12 Jan 2023 07:30:41 GMT
Last-Modified: Tue, 10 Jan 2023 07:30:41 GMT
Server: nginx
Content-Length: 279
www.basichiccup.shop/clicks/SleepConnection_files/jquery.js
188.114.97.1200 OK 692 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/jquery.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (1147)
Hash b0f0e27b47d584e46e466a11c6efef14
b27ba27d86d69362eaf1304578aca91221ca5c51
ef07cae09807150f7ba902fa76f8a1b7c5affa782b71026bc8ba009ac56d0c34
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/jquery.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-526"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aztzNLGhG9f4qkIWxnGarOpmxsjf245XCSOZrdgo3Ad46rB%2Bxuq46Rg2YBwYuVzfm7KH3eEyPmhG3XEPaB95vjGMiHIppQFzXuh3GCFEM6eE9qJuIdEDFjF2SAz9rb9onMg6zoOdqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003c49a4b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c61b68fb64b61b18c64e850a0803b790
fb2bf2ef573e4e13f18342a77d0c772dd09f2496
1328ac3b55031c88afd277995d3029ec20ec197061c8d3346c31981385bc73f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=85850
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Etag: "63bd1421-117"
Expires: Thu, 12 Jan 2023 07:30:41 GMT
Last-Modified: Tue, 10 Jan 2023 07:30:41 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
www.basichiccup.shop/clicks/SleepConnection_files/stickThis.js
188.114.97.1200 OK 331 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/stickThis.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 771ee5832cc028d407e7965ceadcb8cb
f4d8260d4d362b2b2f1fc6096e3d0f7032e41036
e8b6b612fb832b0097e04e35de8baec1200e2c0f14c0018b13e8f2942e09bd3a
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/stickThis.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-2d6"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B5avGuxgo0VR9p%2BiNaKeV9IhFxU1oJY%2FGvFOhhAWucLRPjcG%2FbNUksq1aIrheBK7ZeuxzY5KNr9b%2FNTUbZHg%2FCyqgShtWHccwjcC%2Frd1W6oGtLtTdRI4TqlCFqB6SxEVZWq3a%2Fdcg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003dca7d0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/js.js
188.114.97.1200 OK 900 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/js.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (1709)
Hash 02dc85e8fe1e05bd2e8963a4fb8abb2c
389b8e8900425f359a29831c06aca306a5a7ec3a
a1602c9895d527a385d935becf0c305b9dd7c93e213ec32653575bdaf67534df
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/js.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-6d7"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIbIQa1yCLuQmTcrrziRQZU1VW8IEUVxO3e5w9P2zuJymFChMBax5ChdTUgYm2LbRkNi76%2B4c7hbbQ7YTGIsSoQ96k2Pq69PMHv6LnwOx2EgWlc4R099M3Bt%2Fv4RsCfMUUhHgYOY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003d1f41b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/public.js
188.114.97.1200 OK 8.0 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/public.js
IP 188.114.97.1:0
Hash a569217b9028b3d65b574448a1ba8021
befa37b28e08f4c42fd4f3e5fd5cc400b0577808
45559323c238da41a8ecc059621932a74cbeaf46d7178d735bddbf66276ebebd
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/public.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-c76c"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQ576iBzd5OEhjrotsMAiD8LHN0Lx%2FxxaUvTgV4Hv1dGRpVTcKZg43jU56u65JJ95U2sCNxzxMYsMHqRZAHVM27mqSRG9B85cRRv5JlS%2B500Kfos6mpmCY8ZzoYDHanI3Q2Wp5wFsA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003d3d3b1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=66dff31435
172.64.169.22200 OK 60 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=66dff31435
IP 172.64.169.22:0
File type ASCII text, with very long lines (26500)
Hash 46503d2025b8e5ae596e7a2ad9d65f53
abcdbf10d6a8071647b7647ed53c26c1225076ae
994d41e6e9879d595b93184e64a3634ff5abb175d820ce5d36dfa5bf191ea50a
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=66dff31435 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.basichiccup.shop/
Origin: http://www.basichiccup.shop
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 07:39:51 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24639548230786af4bba1a9e26c6080e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: wx7ojdrQpG9Tit2ZdGrn8cqwONKZp-W25bOoJYd4LrZmwPgsjkSlhg==
age: 104369
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZjumRlhbdvuLTYtM5BF7PPYImQKsyxWH3klRbLLdav6WCpbK34z4SRWpK7tSi3M0%2BYNaCwi3QEZnJclvFDzMrHT14wxFWe7lw2W5cQ5AGFvosHEALhUT2EgW6DDad5Yxj2D6KZZNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787c003ccd847744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.basichiccup.shop/clicks/SleepConnection_files/DMCABadgeHelper.js
188.114.97.1200 OK 275 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/DMCABadgeHelper.js
IP 188.114.97.1:0
Hash 45b235fb87b19eb2f5be4363d7f1ac52
7491f288afba6f25eca00247be400e20d3914eb3
086f75c995c89b50bfa807b21044a82d240c75f7307ff724a5d1a488c85719a4
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/DMCABadgeHelper.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-1d1"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogvBKoZg%2FbSZ3gTs9umFP%2F24%2FVIwKvRkQ3sNTvOy3VyKy3ZOLFuryQXF3Yd1y%2Fh4YSo4JOCWHZnB7Ny0r61GAUj%2BaaCbsOW8rVbAULyWMZfDyGy%2FV6fq49Em%2Bs%2BaL5Av1OeTA4hsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003dbc3d0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/wp-embed.js
188.114.97.1200 OK 769 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/wp-embed.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (1391)
Hash 82e67f050afdb38c20ac6eb305f97c17
df1349df76d66a9cf64377cf335c67c337d85470
5f6c33116e2106cd0f2f28c16062f1d584e74b8539a14ed45e17957634d71b7e
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/wp-embed.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-592"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeKfNDxcaA9YMZdJmrJUlHadgnVxukQqmaARQBikFgL%2B8hR3L7g%2BTBB33RVic1P5ZcsNWtgwd8qwc8jcBdRw%2Fz3%2FSAF%2B%2F%2BNLHloQ6Y2cpqoc%2BSCfGRSGFcOxGfSRGsFsmV%2F%2Fqbyrhg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003dde4eb51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4475516cd46e5a73f3002f1fc9b68cc5
114957dbe1042296e6ea7542445dbee8d9084d82
08d1e5edf085d4051c346087631febfdb48ab158a5e337a8902bc07efb588394
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
172.64.169.22200 OK 77 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
IP 172.64.169.22:0
File type Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196\012- data
Hash 4f5ec865a8274ab291b6a42b5f70639e
6f00f8c75208b96e585646824c4011093446acd2
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
GET /releases/v5.15.4/webfonts/free-fa-brands-400.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 07:39:51 GMT
content-type: font/woff2
content-length: 76736
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
etag: "4f5ec865a8274ab291b6a42b5f70639e"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 f40585e1285ddfba696e566c1dd902de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: XmrxjuGejeNi3tcPxTqPwLuGcrJ-VOmASf2y4v1hm_wsJnegv0RZmA==
age: 104375
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GL8aBv4lL%2BN%2BSz1I5v8%2FlHpsLlsqlp1sUkW5UXUWTIimkd%2FvqJspgQ0uA5hCwlXvpQ139lE8VD0sJZwhhB9nyY7AQ1aX0PWdRcI9M0DzDB5Riwhevl2s%2BSq0RqdwQ8Wut2FaOXkc7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787c003f786e7744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.basichiccup.shop/clicks/SleepConnection_files/bootstrap.js
188.114.97.1200 OK 9.8 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/bootstrap.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (32003)
Hash 58d37dee3da217a04a9928284dd6e09a
412d316bc6cc79694772c5a86405cac30b00e2d8
d38e60ffa16dcdc8904f412aa9a74d96d637ddd2eec98a338cff900fa9d5283c
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/bootstrap.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-9004"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znvQf78jKxgWiw2DCLsOtaI%2BXX1X1AuXFQ%2FFBto5TI7DXM8gZs5lCVXr497xEXqjlu2zERarlLYXIxdPUPwxj1soNrHHRPd0n0aZ89%2F08TujXYxgWG4bXf7i1KwV58gdTVB%2BzncG4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003e1b80b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j96&a=1850392277&t=pageview&_s=1&dl=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&ul=en-us&de=UTF-8&dt=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=KEBAAEABEAAAAC~&jid=1318528079&gjid=1417378494&cid=1827950795.1673422777&tid=UA-163444056-1&_gid=806708181.1673422777&_r=1&_slc=1&z=1047614488
142.250.74.110200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1850392277&t=pageview&_s=1&dl=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&ul=en-us&de=UTF-8&dt=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=KEBAAEABEAAAAC~&jid=1318528079&gjid=1417378494&cid=1827950795.1673422777&tid=UA-163444056-1&_gid=806708181.1673422777&_r=1&_slc=1&z=1047614488
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j96&a=1850392277&t=pageview&_s=1&dl=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&ul=en-us&de=UTF-8&dt=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=KEBAAEABEAAAAC~&jid=1318528079&gjid=1417378494&cid=1827950795.1673422777&tid=UA-163444056-1&_gid=806708181.1673422777&_r=1&_slc=1&z=1047614488 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.basichiccup.shop
date: Wed, 11 Jan 2023 07:39:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16408, version 1.0\012- data
Hash 875ba54801f7cf83ea70abf613fab665
a747343db86c1ba5d10d6cb1814fd6ac6db42b65
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
GET /s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 16:45:00 GMT
expires: Fri, 05 Jan 2024 16:45:00 GMT
cache-control: public, max-age=31536000
age: 485691
last-modified: Tue, 01 Mar 2022 22:02:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16792, version 1.0\012- data
Hash 423d5842ba21b519dd444bd2aa5cb6fe
8ff105cb7d4f988037ba37cb7fe4f5889fae8772
c64e196f537555a5bb4232d9df908cea1612e58a74b6dc43f0ee32be1a505a24
GET /s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 18:09:42 GMT
expires: Sun, 07 Jan 2024 18:09:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Mar 2022 22:06:49 GMT
content-type: font/woff2
age: 307809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash f00e7e4432f7c70d8c97efbe2c50d43b
d836c7d4bc52bcd67626b8960ae030ad315c2507
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
GET /s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 21:48:27 GMT
expires: Fri, 05 Jan 2024 21:48:27 GMT
cache-control: public, max-age=31536000
age: 467484
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0\012- data
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 05:34:10 GMT
expires: Mon, 08 Jan 2024 05:34:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
age: 266741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15828, version 1.0\012- data
Hash bf28241e67511184c14dbd0ef7d39f91
c706e0a4122ab727645b744c21667390e8898a4d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
GET /s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 19:03:36 GMT
expires: Wed, 10 Jan 2024 19:03:36 GMT
cache-control: public, max-age=31536000
age: 45375
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16692, version 1.0\012- data
Hash d65113b6da7ba4bd0a59dbda5a7e24d4
929ecf3ad6ab03123a7bad0609b4b8ba1623d4e8
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
GET /s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16692
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:34:53 GMT
expires: Sat, 06 Jan 2024 13:34:53 GMT
cache-control: public, max-age=31536000
age: 410698
last-modified: Tue, 01 Mar 2022 22:06:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v28/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.227200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v28/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17768, version 1.0\012- data
Hash b42f06e6ecc6ae551b010ba0ff4fa6a3
363c4ff155d5e82e88d9dfe31e129dcf62b4dced
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
GET /s/opensans/v28/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:42:01 GMT
expires: Sat, 06 Jan 2024 13:42:01 GMT
cache-control: public, max-age=31536000
age: 410270
last-modified: Tue, 01 Mar 2022 22:01:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4475516cd46e5a73f3002f1fc9b68cc5
114957dbe1042296e6ea7542445dbee8d9084d82
08d1e5edf085d4051c346087631febfdb48ab158a5e337a8902bc07efb588394
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.basichiccup.shop/clicks/SleepConnection_files/main.js
188.114.97.1200 OK 17 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/main.js
IP 188.114.97.1:0
File type ASCII text, with no line terminators
Hash a932bc38777af90144148f9db9e3a6d6
1e5066d4bca2ce414111ee89b7aa4caf2564720e
8e9b2258b5383cd80acc415960b62c979d06f45af9ea4d59ee328ed76e8a69ab
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/main.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Content-Length: 17
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-11"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7b%2BboMR0gWAqJI0Er8wtNAw1fic%2FjwR1Ea%2Fz3TRG7A20WD8FccBvvXUpwnlhazjuLV0qAddWsQLeZkGl1qxrxfvObgWj69SKBlU4TAvfzHhab3ifv2zdsrEZhuHBjAa2PMLKe%2BDg3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003eab520b4d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.basichiccup.shop/clicks/SleepConnection_files/frontend-modules.js
188.114.97.1200 OK 17 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/frontend-modules.js
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with very long lines (38520), with LF, NEL line terminators
Hash d8ac1c34baa018773f57989eac9c6697
118af990ccaa7792fb7bfa957129853972de50e2
f83592a8abb61a4c8bf52300897a800a22d5d80b56ece2bd17f26eb5a6c4a09b
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/frontend-modules.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-e983"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoyYFYiTG9BVEInbS3boAjrSEbreHEIRXkYlpRZKauO5sNC635lXc3%2FDPVkq1uUaJPp9O%2BR8jEvay1jpk6dK3CeZYJ1YlU54%2BeMbNcxY%2ByBPZNp%2Bkhl7%2BJ5%2B%2BJ5lc9T0JLGk4gKU%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003ec932b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/position.js
188.114.97.1200 OK 2.5 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/position.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (6217)
Hash be67978f782f57325337582246c69b24
fa689d85f7cddd421bb0d65e7826a1ee8c7a33d2
6a7338aa365d61fe4d765e106859d1c30d55a2cb0ff50ebf2b4782fdf703a197
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/position.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-1926"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rp6sP8nQANMVRfIjKY0LRNmEaZ1TSeDXWs2GJOmwq4B4EGVrwtqQKql77EZfvTc9tfarRYyocWPCtp4KCl%2BXgkgi966w%2B%2FAcVj1yEcK%2Bxfl%2FrZNe1fgMYcTi03XwOMiZ7zzm%2B%2FkSNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003efe8c1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/dialog.js
188.114.97.1200 OK 3.5 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/dialog.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (10557)
Hash 4d4f3de47e0fa2881c455553af6db547
7cbcbd093566884bd048f35d32cf2b057f1e7cc7
3e5258a59d7d51eb1b554a46943dfbcc16903ed2f0fe334225ed4c85aff1a087
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/dialog.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-29c7"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJUSpYQM7k%2BtzgEL40zSIIP0tZOlPL24XNZSgDLHYkegPjQ91E2Ni%2FEcfHCcUmzZ9dalbtNdnkk%2BPF54xFz17jgK3ugujTesIoQyj0JNL520L8wpaan0YyRX%2BV4%2FdHWe0zuPrxx1Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003f8d440b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/waypoints.js
188.114.97.1200 OK 3.0 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/waypoints.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash c0db6d5c401074694c0330081ea8fffe
6a7474cbdd8d9f96165eb43a2d0e26840061a7fc
45cb1f190f039721a49a08310c0d932c469c9cb470786b34d6a904e20ffa8c93
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/waypoints.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-2fa6"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td%2FGK2QjB5uSh6wsRbfj30mKr1SI9xgGBYboIFvsc1GYdWi3nsxzVitabPyM1zzAQtcuTBNBBA%2FIWAjTuEfI%2Bd4XX3VwXr2oAmEMhbZPmrRLDVD8HMaVMBZpi7G2Wz8ylwQEF%2BQS1w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003f8fd9b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9768
Expires: Wed, 11 Jan 2023 10:22:39 GMT
Date: Wed, 11 Jan 2023 07:39:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9768
Expires: Wed, 11 Jan 2023 10:22:39 GMT
Date: Wed, 11 Jan 2023 07:39:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9768
Expires: Wed, 11 Jan 2023 10:22:39 GMT
Date: Wed, 11 Jan 2023 07:39:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9768
Expires: Wed, 11 Jan 2023 10:22:39 GMT
Date: Wed, 11 Jan 2023 07:39:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39bf291e57709ceecd07cf4dd5539ecd
e0b3aef8b47e4184fa743345c332f07bd3f7128e
3ee3402a998f6b858ecb1708f7fc42fa5f369abd4334dced3e621cd59cb26494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68af9d9acdc08345ac38ae59f83a9a24
d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee
1ae2e194f6bb20166d326002b39a4e3f44a9a97046e77ffd2a186eae384b7ce1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10640
x-amzn-requestid: 0b0b6732-7692-4b35-9625-154dc39386dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei745GEooAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d2-314dad90600e9d8c737adf05;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZR6BWnywdcRk5KkmuuMtlIgFKqD_IHiv9jSum7TsjPo5US-gkn7Z-w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:43:43 GMT
etag: "d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee"
content-type: image/jpeg
age: 35768
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mYQfpwVDSCnen6utBvdBBOmlxS0gGhOqIg8YZ1D0Bt2Ii9O07L9G9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 08:06:44 GMT
age: 84787
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d11194f94b91e55e976fc5d704afa55
eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b
66b01e33e1bc18d18e187632738f8ff49ef58a2d054367173c0570b7caa76260
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4116
x-amzn-requestid: 64c7b71c-74a5-4304-bab5-305de0e4c9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eON3PHCaoAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5902e-72ada40c0419baa7763c2441;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 14:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wrpetZbXyS3pCR4ZBK2XXJRHbg652psant3gpl9ALVEZcfPE1ez8xw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 04:19:34 GMT
age: 12017
etag: "eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pURlX7y10G8YZmmDErWlZPJoW6evZ716B3NVZXafQRDpZ3Ei1ixeWA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:43:26 GMT
age: 35785
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bb42924-de42-4772-9668-d2cdea9ffc34.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bb42924-de42-4772-9668-d2cdea9ffc34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88a5b6a852d2139e5a0d44aa0d199ed9
910accaca2e49f987a3aee63aa3ad8de8298a052
c35524983062df09cb7a323db476deebfd8c34c053d49d6651e17e9ca5ef561a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bb42924-de42-4772-9668-d2cdea9ffc34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9177
x-amzn-requestid: 147b1cb1-4b0c-4b26-adca-fd3a881e5fb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ_-H-vIAMFaoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6cc-048126f849e408c32ae7d289;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:09:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KRgnQjCgLSmDfOzv45W6FIAxN5J1mYyWfHCV4rkWBztOSZZgGPzpYg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 03:19:11 GMT
age: 15640
etag: "910accaca2e49f987a3aee63aa3ad8de8298a052"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8726105-cc11-4ded-a83e-841fadde759e.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8726105-cc11-4ded-a83e-841fadde759e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17494b6e52ac7108f3ff324860bab717
9d71a025633cfaa02dcf9455603fd806f94be0b1
8214ab7d2f6ffaefa6539aced6c93782354ab15f92933b987d3aab8f3afd3bd6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8726105-cc11-4ded-a83e-841fadde759e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9860
x-amzn-requestid: d6287efc-acd0-44b1-a7f9-42e1b8d3b78a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecfAoFnvoAMFnpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb4537-1c74dde5429011e07f63c78e;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:35:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TZihK6hSHxfsOoVJ5fW-1u938ymcZg-EeglTU_CD2H6lTVTWiT1Yhg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:46:17 GMT
age: 35614
etag: "9d71a025633cfaa02dcf9455603fd806f94be0b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&gjid=1417378494&_gid=806708181.1673422777&_u=KEBAAEAAEAAAAC~&z=857471641
74.125.131.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&gjid=1417378494&_gid=806708181.1673422777&_u=KEBAAEAAEAAAAC~&z=857471641
IP 74.125.131.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&gjid=1417378494&_gid=806708181.1673422777&_u=KEBAAEAAEAAAAC~&z=857471641 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.basichiccup.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 11 Jan 2023 07:39:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&gjid=981018089&_gid=806708181.1673422777&_u=aEDAAUABEAAAAC~&z=2113180336
74.125.131.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&gjid=981018089&_gid=806708181.1673422777&_u=aEDAAUABEAAAAC~&z=2113180336
IP 74.125.131.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&gjid=981018089&_gid=806708181.1673422777&_u=aEDAAUABEAAAAC~&z=2113180336 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.basichiccup.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 11 Jan 2023 07:39:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.basichiccup.shop/clicks/SleepConnection_files/swiper.js
188.114.97.1200 OK 35 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/swiper.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (65280)
Hash bb656f53278d3fcf29c95761f1a42ded
dafa431e2839fa9eb8cdc59c4733b9c7d352b2a8
ac2569fb314af91db6316289fabebac5d2729ae678d6713ac228a7c2cca2effc
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/swiper.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-21fb7"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLVy2Awx4kuB9%2FLz1wgOM%2FhevEVbMgOO2M7jf%2B19F8dqT%2FvrEmEEd2Up7OKtnc8mDtGQVaklSbcpcaxvEtmjNu9jud%2BEE%2B5WlMDyEX%2FxOFGvZkYj4ATEuLylW6Kou8U%2FEhctF%2BNCbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c003ffd7fb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/webfonts/fa-solid-900.woff2
188.114.97.1404 Not Found 162 B URL HTTP/1.1 www.basichiccup.shop/clicks/webfonts/fa-solid-900.woff2
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
Analyzer Verdict Alert fortinet Phishing
GET /clicks/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/solid.css
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 11 Jan 2023 07:39:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xbwQb0Rf7LbrMjmFAyhCo99wnbI8BXO64iMxrU59%2BGGi%2FrU8XZwUHPgL%2FAtyxcFxsNXsyxVA89lSWQ8C93629k%2B3LEIqgkGpvseVALcITqlb4aStOSF44sdi60OAKcrVvGHP1Mn%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00410e3c0b41-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39bf291e57709ceecd07cf4dd5539ecd
e0b3aef8b47e4184fa743345c332f07bd3f7128e
3ee3402a998f6b858ecb1708f7fc42fa5f369abd4334dced3e621cd59cb26494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.basichiccup.shop/clicks/SleepConnection_files/share-link.js
188.114.97.1200 OK 1.1 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/share-link.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (2634)
Hash 3ab97850280705e11cb4677637c06f28
9aa1c31984fd4b13519748a36cbc401beaedb609
aa68ff29e8c8167da1192bcefd4ac26e57fa44be92dafe43a998cffd3999a9ec
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/share-link.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-a4b"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBKURvYdJY947j2KTcd9frUt%2BOQIjUKeNZtOpTu%2FsnhiaRkH6JzCp7OiL6r36FmNcmonKfieJINihNMIorHqxo2kleXjHe72RH%2F4sGVMd812aaVFkasEzShrqynuF5%2BIZk5ri41P3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00406c980b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/frontend.js
188.114.97.1200 OK 30 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/frontend.js
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with very long lines (37808), with LF, NEL line terminators
Hash 026df9b86e396c6b0606049a1f45b3d3
297916a32f277ccf2640031f29745a327ff8c344
2b13a657a847af03f5863481fc0b74ffb99bd2505937d3f7bc6834cc046f189a
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/frontend.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-1c567"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZH0jrwzPzXfbmPE%2FKwt%2FGfJZP9%2BwYTtFf%2BZ1sJLd0sgx6ARHIjI6jQApKahxCQYaJbj8LBqyvTVbxaEA7cA%2F9ABWaeeO3CfdyORjhJT4k5s5cJSGFwMHGs1OuQZPdt2U4%2BnfKxmQ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00408af4b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/mylogo1-300x63.png
188.114.97.1200 OK 16 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/mylogo1-300x63.png
IP 188.114.97.1:0
File type PNG image data, 300 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash 856d22ca5c5d83e31d664c09c9dd2254
1cec9230aeab8e188fb1360edb62ea50735329c1
fc74229bb4f3bbbbced2a5a87a531cd2b17301e3b4ffd36d2410bc279009c65f
GET /clicks/SleepConnection_files/mylogo1-300x63.png HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/png
Content-Length: 15625
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-3d09"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w17jtOh3KwJXq6qO2If7sdbVwCfbmEqEIxlHJtV9Q6ybG%2FO128TK%2F9JtuHM7b43wVmMMxcUoNmiiuHRjJ3KBcw6lqqg5KvWFpZfCIgR2QGx6%2FlrQhLd23kjTb%2BFKkQ9Lt58EIkYzEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00415a6fb51e-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/fonts/eicons.woff2?5.6.2
188.114.97.1404 Not Found 162 B URL HTTP/1.1 www.basichiccup.shop/clicks/fonts/eicons.woff2?5.6.2
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
Analyzer Verdict Alert fortinet Phishing
GET /clicks/fonts/eicons.woff2?5.6.2 HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/elementor-icons.css
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1RH0zTkfTTnoAqyHKJ%2FCdX8lYClAZ3g4OMlCpoJxdbDWKBfGCHHqwaO3sPatByfHYkaFFdJfRRqRGvXyVRvI73jtVp5tJr3InTHiSUlUxuaCTyh%2Fn3nJ1rUF%2BrAcndfuPxjdAhmmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0040bfc71c0e-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/sddefault-1.jpg
188.114.97.1200 OK 122 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/sddefault-1.jpg
IP 188.114.97.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 900x500, components 3\012- data
Size 122 kB (121847 bytes)
Hash 3e0da8fa14df20c03af9ee885e8363d6
b21ae6d7ac8fa227f4313bd9f4da1614386ba247
9880920f8da1054e68f3967372a621d8edc83ede7526c05fe7b3794bb4db06b0
GET /clicks/SleepConnection_files/sddefault-1.jpg HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/jpeg
Content-Length: 121847
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-1dbf7"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3K1vE%2Br4%2FwvCPMS8uqXo%2BH%2BD8KtLjmcdy4vZHMVrnQAV3b37U3sNUay%2BnH09LuPqkMWv5Rs9EYt4PN3%2BUbEjLRLZTdTrhc8Bwt6XvmmjYx6G8ez5akYccQIIgKX%2BaX8kRn7nXau%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0041dec60b41-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/webfonts/fa-solid-900.woff
188.114.97.1404 Not Found 162 B URL HTTP/1.1 www.basichiccup.shop/clicks/webfonts/fa-solid-900.woff
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
Analyzer Verdict Alert fortinet Phishing
GET /clicks/webfonts/fa-solid-900.woff HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/solid.css
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 404 Not Found
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70Thbh2KfrWZUXIRZ14lFrufGUd9ArLnpRGetU%2BtQxc1fsfte4enqGRvPz4GRx2jXkx9w2oxiNx0dLIq5yEqitPSz%2BLCby53RKD4zuVEchNHiXyOExuoDIWspsrSh8tGpKGNdPVPng%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00423e4b0b4d-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/right.jpg
188.114.97.1200 OK 19 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/right.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 306x258, components 3\012- data
Hash 34994b47e5d961124fe9224e91d4187e
da611822c5b74bf4e90c3b3f6c8ac5f14283ed83
1d5e5a4a8642b261bef62bedb5760a6da89182ee8e7f81dcecf1397e87244072
GET /clicks/SleepConnection_files/right.jpg HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/jpeg
Content-Length: 18916
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-49e4"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M12JzQsAyXE6jUQQKQ3YnAL89L1kxvYJrT5ymiQkzHYB35Z2Wf7RVHsC3yNROntYKWyoTHS6uRn3o%2Fq69PjGVD7wDa5kxrRHOqUWhGnLyI9AR5G4fxtGfftpNNjB85xeDplMIpytLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00423c82b523-OSL
alt-svc: h2=":443"; ma=60
nxt.snorestopper-watch.com/tracking/universalJSRequest.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK|ff|set|ff|flux_ref|ff||ff|set|ff|flux_f|ff|898555254864530559|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_
172.67.163.238301 Moved Permanently 0 B URL HTTP/1.1 nxt.snorestopper-watch.com/tracking/universalJSRequest.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK|ff|set|ff|flux_ref|ff||ff|set|ff|flux_f|ff|898555254864530559|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_
IP 172.67.163.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tracking/universalJSRequest.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK|ff|set|ff|flux_ref|ff||ff|set|ff|flux_f|ff|898555254864530559|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_ HTTP/1.1
Host: nxt.snorestopper-watch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 11 Jan 2023 07:39:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 11 Jan 2023 08:39:52 GMT
Location: https://nxt.snorestopper-watch.com/tracking/universalJSRequest.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK|ff|set|ff|flux_ref|ff||ff|set|ff|flux_f|ff|898555254864530559|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eWcJpEZwnqdRrp2VtI%2FLqB3vJMf7onj8o1kNNHZTVpQfxeF2nDQO%2F1vyWyaVJI0VKrEsk2idRNsqOxvfo2g2zE8geuI4IzhWnSeuloDsfgCdem7E%2Bc7o1wYQjPqwoqbVMubUga3fQy%2BxSer2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00432f1bb509-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/blank.htm
188.114.97.1200 OK 548 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/blank.htm
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash 0a16aec008013f053a922381dee71f9d
13a69b2e43a426ce54f9a47146955ec0bb169172
4686bf42f5ae452ed851ee0e084ece44ceccef9bc2fde5eee10a33a6c92461ae
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/blank.htm HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upmnDXFB6WdTlap834A40FkxrBRS0IkMJ%2FsbXFfOBokmfHyL3WxBwTx2Daus0H6%2Bwnc54Lf2ZgpNnoQtual3YwmWmrzh4DhpNhzMUEwM5TdBlO84lDTt9%2BdTaY0%2Fc3GybEhlMtCQpg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 787c004278fc1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/sleep20.jpg
188.114.97.1200 OK 170 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/sleep20.jpg
IP 188.114.97.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 900x500, components 3\012- data
Size 170 kB (169859 bytes)
Hash f27cf9f087f45a27d162e9e14649b8f5
11e1ea3a4ca543597aab0685ecd4049857c67306
6e772002d1f39ac9e2403d06c84d0bf5161750cdd2c63599c292c081510c06a3
GET /clicks/SleepConnection_files/sleep20.jpg HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/jpeg
Content-Length: 169859
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-29783"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x332UeEvwxOeab38LcKbfm9u2XqxWWExir80NIWLE8yzx44Qr3gdLzAnRNpascuX9Pgo7qj5uiettJpU7r9y2QOLcvD9boOovhqXRb0HM08bK0kUllxh7VymqBKhkTwYvERhm0y4Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0041bf87b4f7-OSL
alt-svc: h2=":443"; ma=60
www.snorestopper-watch.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.10
104.21.50.151200 OK 41 kB URL HTTP/2 www.snorestopper-watch.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.10
IP 104.21.50.151:0
File type ASCII text, with very long lines (15660)
Hash 406614cdf4781392c7472c7637faca80
4a2d8f43efbb71586642e50778c7d3d179e6cd3d
0149e258c22a852680a215c8244aeda11c22fc9d3a087e59b0954eef22fe6427
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.10 HTTP/1.1
Host: www.snorestopper-watch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 07:39:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 08:34:39 GMT
etag: W/"48b9-5ef9d5fced4d5"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8eJOkz9%2BaSCB0UCKWcTD5DeChIMQbSq8Ba0DBtlg6EHdkWMwbS3kPje1zxzWeaJwEdnmIGxYXR54TrAeQTauug1%2BaAHogNGu8C4PS%2FEvJt7KBcP2Y%2F0VP3JbWl8Zy2KaH4ELPtKlcnc32j9mA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787c003e0cb70afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.basichiccup.shop/clicks/webfonts/fa-solid-900.ttf
188.114.97.1404 Not Found 131 B URL HTTP/1.1 www.basichiccup.shop/clicks/webfonts/fa-solid-900.ttf
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
Analyzer Verdict Alert fortinet Phishing
GET /clicks/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/solid.css
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 404 Not Found
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrkwe443NP5i3iYyK5KJufBpVP9vJI28XIBgYWAEBng6cwtobRyuWp37wQo6fp5WboRwZrg32Cg8DMtiWnsiH6NykMOqtILJIsQRs4OW9Kwk4QCh5z9RiUfHpKCayGfVDrV%2ByFbUow%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00432db9b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/bkinGJw7CuACkYKadGmfj0dQGKfhUQj59ovkW6bR-6o.js
188.114.97.1200 OK 15 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/bkinGJw7CuACkYKadGmfj0dQGKfhUQj59ovkW6bR-6o.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (36064), with no line terminators
Hash 7807d4cbf3c492d9883d729fa37dd7b6
193a01a6d23f4cc3c2e0fbd777dc853f2e1e754c
95cf6c0c695cc2adabaa9454e7c5f498d6806b8413d5012529ede2dc32ebd48b
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/0hhQzuJFAxA_data/bkinGJw7CuACkYKadGmfj0dQGKfhUQj59ovkW6bR-6o.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-8ce0"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqNa19HD%2FwIDB13IiVqf7DbTSXnwJO5o6NIYevpWA5tXT7IyQtAPkPQ%2FT%2FNSleRieMz3g5Y8hfAGTpf%2FEkK8r2aRhFXcpqJNV4jxCJoNLDRucKGToz73QClp8xXaAGmsroZGUFZ7Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00438998b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/fonts/eicons.woff?5.6.2
188.114.97.1404 Not Found 162 B URL HTTP/1.1 www.basichiccup.shop/clicks/fonts/eicons.woff?5.6.2
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
Analyzer Verdict Alert fortinet Phishing
GET /clicks/fonts/eicons.woff?5.6.2 HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/elementor-icons.css
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 404 Not Found
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbObq%2BUhnJjWev1YClfmFdO%2Fxq9%2BQ6x111YfiPO0IsPutBfL7WaAJGP4jWTekxs0pxfhw1XMFnyPaOPSaearnoYQN6P%2BjaomNk42DKNIZTjKY8wxoJhPhhCAAyEUvlDx08eunpjpiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00430f220b4d-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/blank_data/inject.css
188.114.97.1200 OK 928 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/blank_data/inject.css
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
GET /clicks/SleepConnection_files/blank_data/inject.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/blank.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-f28"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJfBeRrebCNpMA5iZjkoG9owykzi8yinbO1qnqaIxFBUvWCDagIiWjoCE2j8Hty9AC0Z4CqzWfjGJ8MNA0Qg9zCApZ8V1HLITPogPzLYEBO0nbGTyHnypAdUhEwyFeFIfJD63%2BuqOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00444a8e1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/www-player.css
188.114.97.1200 OK 54 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/www-player.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f62e7a36e91f0573dce26b6e20f15edc
e1b902b45a4e715b4678bb5ce52174915a70ac56
9a8dc2b8586ceeea79b62f203f18aacda260b5905a0e1629f0ed4c24b4e71e24
GET /clicks/SleepConnection_files/0hhQzuJFAxA_data/www-player.css HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-545f1"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BlAM4YJynfwqLGd2%2FM6HfF01mtU2ynvONqCmFPeM6vJLuLWwkwzo3icuMtkA5urkxs2%2FYrqFJQQnFV6oU5FYsF4zyJ%2F%2FeMSaWv7EmLeydrp5fL%2BPx8zscsQh4tk0friEPI0J%2FrDww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0044486b0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/ad_status.js
188.114.97.1200 OK 29 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/ad_status.js
IP 188.114.97.1:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/0hhQzuJFAxA_data/ad_status.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: application/javascript
Content-Length: 29
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-1d"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CNVbrqfzlwa0YwGv9VCqPGHXHZ5GLHlM4v34N6T7%2BTFdn%2FI5Y1AI9Dm4TLsXgA5XGVPJuOStUJmfq1i0AECdm4CvtY89z4iiBgdAkzqHmMKF1KCBlV3FIMuq0c9zryQgNuQqXvZpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0043fe99b523-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/remote.js
188.114.97.1200 OK 40 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/remote.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (560)
Hash 24ddb1aed4286a8f5c564fa4b5cab979
80a0b3018324f60b8d4c2a586ba790dca2431a5e
ce0b158bfbe220345b72aa564b3f33e2306b4f2a339aae55c42c9a27ba09812a
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/0hhQzuJFAxA_data/remote.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-1da83"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oqcHYwjQu65twazYn8hi0bj5IqUSPLYHZ9Xi9wjKHXW6OTe4J9gSTFaYWsfTKfYJvAxrw3wi68gHP1S3BhGlk9lh3%2BK5NKJJmVmDcuTpeFDwc93AceydUOJ%2BWHEcEgp2Xmyk4rFZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0043fd0cb51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/fetch-polyfill.js
188.114.97.1200 OK 3.0 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/fetch-polyfill.js
IP 188.114.97.1:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash d636f0335d79491debb4020a71874bbf
3ad92badf1ec43ea122814b6e0bea9fe87d0926c
bc92bbfe4b528dffc2fd0ecc63e4057043876e8b77756595c2cc9f47c8ff04c3
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/0hhQzuJFAxA_data/fetch-polyfill.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-258f"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3I2xX0wr%2FG%2BPBvmG4LYb%2BVFvPO1%2FWkxyyk7D%2BYBi3y8wgo2enK8typcmZ0J11szbDhW2itIipW4g1I%2Bzk%2B3lr%2BBU7DPgTwmjI9eyqXxclQdrU8vaLkE6SAJqqYxeK7V5jTnxZYjyA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00452b521c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/base.js
188.114.97.1200 OK 600 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/base.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (554)
Size 600 kB (600200 bytes)
Hash e6c1b42c3018970ccf8d10d977695bef
0cc72e298a353020c5e4b395107bf8b05db47142
a0ec6dc5e509f3df58c05a3979e7e52e8abe9cce51c22564c99b6d32d94c4c21
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/0hhQzuJFAxA_data/base.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-1cbb31"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FQ8dqhJYxQDVCjXFujTeprEC%2BYsRT8jXbEo5uu1zd9fQUdThAprcfoqILEQyqQ6z9DeEui3ic7oEDn7yG90tPSEaWmtwI8AOM%2FFGf73n0Otnq2O4ZP41aI5SxCdGJzh6VYx9tNZlg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0044b8860b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/fonts/eicons.ttf?5.6.2
188.114.97.1404 Not Found 131 B URL HTTP/1.1 www.basichiccup.shop/clicks/fonts/eicons.ttf?5.6.2
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/fonts/eicons.ttf?5.6.2 HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/elementor-icons.css
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 404 Not Found
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWxcdGfaIthd1BZb9PmAaNDmPK1mHq2kuAIXLbATWBs%2FmbHKCevrAYM7rZWFj0Eh1hGplzD3BMMUM84%2Bts5L6k5cVyZSBmiNwg5pD6JJup5c8ehZ4nLV7bOOkVKYDyoRv6Kckwugvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c004538e50b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/sleep20-1.jpg
188.114.97.1200 OK 170 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/sleep20-1.jpg
IP 188.114.97.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 900x500, components 3\012- data
Size 170 kB (169859 bytes)
Hash f27cf9f087f45a27d162e9e14649b8f5
11e1ea3a4ca543597aab0685ecd4049857c67306
6e772002d1f39ac9e2403d06c84d0bf5161750cdd2c63599c292c081510c06a3
GET /clicks/SleepConnection_files/sleep20-1.jpg HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/jpeg
Content-Length: 169859
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-29783"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yunc4LJvuGZ%2BooS0AddW6tJyHxuu0ccZi47LqZult5XsovZid%2FzACCDBwyVJdlwvoPNK7d0p%2FDFUKOaTOJuwsAIsuLjjAGLhO2asHAsvw7pRZD0yKt%2Ba2zfMb6tlGxqRwiQegKXtqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0045cf07b51e-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/placeholder.png
188.114.97.1200 OK 6.1 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/placeholder.png
IP 188.114.97.1:0
File type PNG image data, 1200 x 800, 8-bit colormap, non-interlaced\012- data
Hash 1632e46a5c79d43f3125ca62c54189cb
0897f3db9a66f710a4975dbdcc5fed765b62be0f
1a8352b9372452ab024b5dfd3c74cd8fac2c84e7ff152879f83949c4707fd87e
GET /clicks/SleepConnection_files/placeholder.png HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/png
Content-Length: 6146
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-1802"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkA0%2B9GxbKtqILqzw0DDwvnAbHfXRjKaqmrtKf3Nz6IB6lqP2rQJ2sFoNDgkB%2Bl%2BMKhHquk6qwUiAPse2cyy9ar21d45QQzfsozlK9BGHACgmkYaMBo7X4iylOkaxy8xu%2Fb5SOmd3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c004639ab0b4d-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/sleep8.jpg
188.114.97.1200 OK 74 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/sleep8.jpg
IP 188.114.97.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 900x500, components 3\012- data
Hash 6fa7f935ca379f46e0da3a2d53e218f0
291f37698a59386f354ff4a9baa7293c6e5ef9fe
9dd706864012531124011502699bf1c5cbd7c6a5cd08bfc081a157d91e1ecc85
GET /clicks/SleepConnection_files/sleep8.jpg HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/jpeg
Content-Length: 73909
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-120b5"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FmFYrx%2BufLek70TBgS5Y1vsZQZA18JirraStMcOMzRq4kMH0tUw0Vm0n1ATw6jIIVNmXS5Jyl9T7gQDV2qd8jAhkL%2FLoGBCrYXSAXEOA6c8%2FWQfYpmCs8zF0OeXKCk8Z2g%2BG9dZAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0045a8a7b523-OSL
alt-svc: h2=":443"; ma=60
www.basichiccup.shop/clicks/SleepConnection_files/dmca-badge-w100-5x1-11.png
188.114.97.1200 OK 2.4 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/dmca-badge-w100-5x1-11.png
IP 188.114.97.1:0
File type PNG image data, 100 x 20, 8-bit/color RGBA, interlaced\012- data
Hash 521db716019fc733b48f77f9822b30ee
8f8e11a44c38076713fd1a0233ef7de9f68498ed
2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1
GET /clicks/SleepConnection_files/dmca-badge-w100-5x1-11.png HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/png
Content-Length: 2390
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-956"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OawYpL1e0gKB7uYbeEYcCKGcxXDhZnNn8IppQJx6fz9ZdPGSxP4TZusjng5Su%2Fq%2B8fS0V%2F2nyrpC8kLvj1aGZ%2FyBGCA0zrxkAeOQLmlpMU%2FtysCCav%2FH%2FG19fhuVu7To9I15fnddGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00460c3f1c0e-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f5f3214d73a0066cf4784dac4d8573b
47832303343c4a19070eac14f0587518430a65e2
448453048adc356672036cfeb00a74126e089dc389a1c0eac52373ae99e39951
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3510
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:52 GMT
Last-Modified: Wed, 11 Jan 2023 06:41:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d3d631f824642942edba0387cf019a5
e7605d850d2687eb211769bd17ef706e35845f69
c17f2b3cfedc60003482a6c9f3a692b9a052ae63bd873c28b9532416a1f0b279
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ee335bb2a20e83a137dedff2ff1f54b7
388a3728c5900302ff6cf2f1e27bcb12e8896b05
9ebf03e142fa0c5477430d456f614d9cea75229b2b3aa8643e0051e0fe760476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d3d631f824642942edba0387cf019a5
e7605d850d2687eb211769bd17ef706e35845f69
c17f2b3cfedc60003482a6c9f3a692b9a052ae63bd873c28b9532416a1f0b279
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d3d631f824642942edba0387cf019a5
e7605d850d2687eb211769bd17ef706e35845f69
c17f2b3cfedc60003482a6c9f3a692b9a052ae63bd873c28b9532416a1f0b279
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 4aa5723e20bb937995d58baee63ccef3
4f4451ce70e0f1174447f509b9ecfae0030d69b8
a442ce52f0330fe4e1d6e25a76d9cf569cf7e649416caf201d0570a1cadf7de8
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 8z3wN9ucT2f7TMCJya5ZiQv7PyB6VFELE77oauqQwYyJ89+/pUTwXxFDz3/4yp9DSeHJMzLnNlBeNEuH8sNYnA==
priority: u=3,i
content-length: 27613
x-fb-trip-id: 2074150462
date: Wed, 11 Jan 2023 07:39:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ee335bb2a20e83a137dedff2ff1f54b7
388a3728c5900302ff6cf2f1e27bcb12e8896b05
9ebf03e142fa0c5477430d456f614d9cea75229b2b3aa8643e0051e0fe760476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&_u=aEDAAUABEAAAAC~&z=907691317
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&_u=aEDAAUABEAAAAC~&z=907691317
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&_u=aEDAAUABEAAAAC~&z=907691317 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 07:39:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.132200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1654)
Hash de960799fde6a44cf690b8e15d389495
00bb592da534f0190835adf504119f572ce68bd6
d505440d4cd31009e125a83072f18ee81fe98feb888b31c73e6e53111c92190d
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 11 Jan 2023 07:39:53 GMT
expires: Wed, 11 Jan 2023 07:39:53 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7072837032443357795
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&_u=aEDAAUABEAAAAC~&z=907691317
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&_u=aEDAAUABEAAAAC~&z=907691317
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1827950795.1673422777&jid=768349476&_u=aEDAAUABEAAAAC~&z=907691317 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 07:39:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&_u=KEBAAEAAEAAAAC~&z=2020829795
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&_u=KEBAAEAAEAAAAC~&z=2020829795
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&_u=KEBAAEAAEAAAAC~&z=2020829795 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 07:39:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5f5f3214d73a0066cf4784dac4d8573b
47832303343c4a19070eac14f0587518430a65e2
448453048adc356672036cfeb00a74126e089dc389a1c0eac52373ae99e39951
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:53 GMT
Last-Modified: Wed, 11 Jan 2023 06:41:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&_u=KEBAAEAAEAAAAC~&z=2020829795
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&_u=KEBAAEAAEAAAAC~&z=2020829795
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-163444056-1&cid=1827950795.1673422777&jid=1318528079&_u=KEBAAEAAEAAAAC~&z=2020829795 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 07:39:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ee335bb2a20e83a137dedff2ff1f54b7
388a3728c5900302ff6cf2f1e27bcb12e8896b05
9ebf03e142fa0c5477430d456f614d9cea75229b2b3aa8643e0051e0fe760476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 66b50d58ebed379dc4f68b02c92f59d2
635df6d7900149fd2ce567c9d56f14ee71bb2b41
8092144e087cea4ee21d2a00fa5488225063f57d821ae9fdebe12c4478b08fc5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/730863180/?random=1673422778833&cv=9&fst=1673422778833&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/730863180/?random=1673422778833&cv=9&fst=1673422778833&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2677), with no line terminators
Hash e8aff6dfad9eb38dd7376145555c9826
2272dfa90df7fa1c45a35ec701843d44ffcdf4d6
5fb7553b4ef94e8a0a6c5467a07aa52082083c63902eed975c376ec607c95ac9
GET /pagead/viewthroughconversion/730863180/?random=1673422778833&cv=9&fst=1673422778833&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 07:39:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1137
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Jan-2023 07:54:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/730905238/?random=1673422778827&cv=9&fst=1673422778827&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/730905238/?random=1673422778827&cv=9&fst=1673422778827&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2677), with no line terminators
Hash 8c49924d3a8b8251e8aac6d8d9ce4edd
d4fab742822c30cfb2bf8c4975aee12ab0a009c4
a069702619e4b7fff6479dbfe8c5899d40d671a6d591ceea025c7ce3906277ed
GET /pagead/viewthroughconversion/730905238/?random=1673422778827&cv=9&fst=1673422778827&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 07:39:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1148
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Jan-2023 07:54:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/www-embed-player.js
188.114.97.1200 OK 18 kB URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA_data/www-embed-player.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (59652)
Hash db03e38207fe3a61ef8f8b140beeb936
aaa8d8b606b77dc27cef3f2eab6c6ca2124e5890
338d598853a0e25ce117751c80c9ac43c67d6d26d14a44665f9800bc9c9159b1
Analyzer Verdict Alert fortinet Phishing
GET /clicks/SleepConnection_files/0hhQzuJFAxA_data/www-embed-player.js HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: W/"63a31ee8-45cd9"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiljbCe2L8CqEpO%2FjVO6zRX6OTC8S5phyx63xuaI4UVrV5lp1MQDwshXtbpwGSqsswQQp45z%2BWeRiuDql9kGoFT1%2FrtcdHoalwEC%2BA0P9yNuKiT8IRWimOXKT%2BaPDqPRH49hzJUfUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c00446a74b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
googleads.g.doubleclick.net/pagead/viewthroughconversion/730868448/?random=1673422778835&cv=9&fst=1673422778835&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/730868448/?random=1673422778835&cv=9&fst=1673422778835&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2677), with no line terminators
Hash 36215e726db5406ec0e035ec927e459a
e1ddbc1af28ca584c480384c58e5b8e62680cacb
59f0b9b900b8c4882b5f78e2624112b6071345aba64cb6a652c266cafc919a50
GET /pagead/viewthroughconversion/730868448/?random=1673422778835&cv=9&fst=1673422778835&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg3e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&tiba=SleepConnection%20-%20SnoreStopper%20Watch%20-%20Official%20Site&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 07:39:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1134
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Jan-2023 07:54:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.211.2204 No Content 0 B URL HTTP/1.1 googleads.g.doubleclick.net/pagead/id
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
HTTP/1.1 204 No Content
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 11 Jan 2023 07:39:53 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0b32c85a6a700b1d484b1af9a3c9606c
b0367f1fd0de83cb00ebc62847aa554dbe98aa8a
d7648ef83a2b528cd2f48a9e1f94d534fd498aefdc02a40d6d57eaa18d13c307
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/0hhQzuJFAxA/sddefault.webp
142.250.74.118200 OK 10 kB URL HTTP/2 i.ytimg.com/vi_webp/0hhQzuJFAxA/sddefault.webp
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1355515c6b485db62b1386ba6d27fe36
b54d6729d8109feb4aa74a1ddefc87036ccf5b7e
05406cfa58f67983aa150c48d84bdcc1b0bfc5869677510e4aa9bbfd71e9b05b
GET /vi_webp/0hhQzuJFAxA/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 10122
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 07:39:53 GMT
expires: Wed, 11 Jan 2023 09:39:53 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0b32c85a6a700b1d484b1af9a3c9606c
b0367f1fd0de83cb00ebc62847aa554dbe98aa8a
d7648ef83a2b528cd2f48a9e1f94d534fd498aefdc02a40d6d57eaa18d13c307
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f4c8ff7e9cce677ddf122f5c34fc2873
dedcdaa22d7c2fc211a2f686551d8e7d3d7cc2be
81adc43d6f344d53166d41130913eed5d71c7f5a4668cc99d987165e368512c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AKedOLS1dnQrjBEP9zo4ySqtGGi8msPKRBnGu9dh=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AKedOLS1dnQrjBEP9zo4ySqtGGi8msPKRBnGu9dh=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 52b7225c1db11e6095d795c6dbb26afc
b01409bd44ec3cf089c57d79a95dece629d45540
4494e63d53ba24dbfbd1d1ec70563ea048266eb078d533666e706ed4c00e8085
GET /ytc/AKedOLS1dnQrjBEP9zo4ySqtGGi8msPKRBnGu9dh=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1244
x-xss-protection: 0
date: Wed, 11 Jan 2023 04:39:12 GMT
expires: Thu, 12 Jan 2023 04:39:12 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 10841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f4c8ff7e9cce677ddf122f5c34fc2873
dedcdaa22d7c2fc211a2f686551d8e7d3d7cc2be
81adc43d6f344d53166d41130913eed5d71c7f5a4668cc99d987165e368512c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 07:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=2573418419437376&ev=PageView&dl=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&rl=&if=false&ts=1673422779315&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673422779312.1785965143&it=1673422778817&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2573418419437376&ev=PageView&dl=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&rl=&if=false&ts=1673422779315&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673422779312.1785965143&it=1673422778817&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2573418419437376&ev=PageView&dl=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK&rl=&if=false&ts=1673422779315&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673422779312.1785965143&it=1673422778817&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Jan 2023 07:39:53 GMT
X-Firefox-Spdy: h2
trc.taboola.com/1240208/trc/3/json?tim=1673422779211&data=%7B%22id%22%3A677%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779035%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.1.44200 OK 112 kB URL HTTP/2 trc.taboola.com/1240208/trc/3/json?tim=1673422779211&data=%7B%22id%22%3A677%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779035%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.1.44:0
File type ASCII text, with very long lines (64471)
Size 112 kB (111935 bytes)
Hash e3fd775c02bc21a2ae2af6f26cd59ac0
5df2d54ff2b1d2199d488a6f82fb5f29aff14142
165079e53c4feed9b1894d6b00726a91e56c81b1e1e28f2ba6a40deaca4c0cca
GET /1240208/trc/3/json?tim=1673422779211&data=%7B%22id%22%3A677%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779035%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 11 Jan 2023 07:39:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673422793.459400,VS0,VE122
vary: Accept-Encoding
x-vcl-time-ms: 122
X-Firefox-Spdy: h2
trc.taboola.com/1255588/trc/3/json?tim=1673422779222&data=%7B%22id%22%3A496%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback5%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.1.44200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1255588/trc/3/json?tim=1673422779222&data=%7B%22id%22%3A496%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback5%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.1.44:0
File type Unicode text, UTF-8 text, with very long lines (2460), with no line terminators
Hash 34909d8f492fc50f8f7398849554ec68
25557846ac3eabd6d9db2b66353beacac9b880ba
dd619974a1bf0c4574e9d887d1ff33c4b7069548ba380a3a631043cd1595067f
GET /1255588/trc/3/json?tim=1673422779222&data=%7B%22id%22%3A496%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback5%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 11 Jan 2023 07:39:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673422793.460109,VS0,VE204
vary: Accept-Encoding
x-vcl-time-ms: 204
X-Firefox-Spdy: h2
trc-events.taboola.com/1240201/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780584&vi=1673422779025&ri=b03f94f76aaa989c1837f924dfba4a3c&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1240201/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780584&vi=1673422779025&ri=b03f94f76aaa989c1837f924dfba4a3c&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1240201/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780584&vi=1673422779025&ri=b03f94f76aaa989c1837f924dfba4a3c&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1255589/log/3/unip?en=pre_d_eng_tb&tos=1563&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780591&vi=1673422779025&ri=2d5f0c648e56c21df1421f833257ac7a&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1255589/log/3/unip?en=pre_d_eng_tb&tos=1563&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780591&vi=1673422779025&ri=2d5f0c648e56c21df1421f833257ac7a&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1255589/log/3/unip?en=pre_d_eng_tb&tos=1563&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780591&vi=1673422779025&ri=2d5f0c648e56c21df1421f833257ac7a&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1240208/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780585&vi=1673422779025&ri=a7875a432c7e6b57312a3ebdaae62ae8&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1240208/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780585&vi=1673422779025&ri=a7875a432c7e6b57312a3ebdaae62ae8&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1240208/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780585&vi=1673422779025&ri=a7875a432c7e6b57312a3ebdaae62ae8&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1240211/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780586&vi=1673422779025&ri=e13c2c2c4b2293312947805b70ce9922&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1240211/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780586&vi=1673422779025&ri=e13c2c2c4b2293312947805b70ce9922&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1240211/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780586&vi=1673422779025&ri=e13c2c2c4b2293312947805b70ce9922&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1255586/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780587&vi=1673422779025&ri=1066b659297e1a1b71d622a6d5cfdf42&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1255586/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780587&vi=1673422779025&ri=1066b659297e1a1b71d622a6d5cfdf42&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1255586/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780587&vi=1673422779025&ri=1066b659297e1a1b71d622a6d5cfdf42&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1255587/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780587&vi=1673422779025&ri=0626a588a36111038a1922c971043bc2&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1255587/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780587&vi=1673422779025&ri=0626a588a36111038a1922c971043bc2&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1255587/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780587&vi=1673422779025&ri=0626a588a36111038a1922c971043bc2&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1255588/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780589&vi=1673422779025&ri=2398f153f672972d74f71d8f08b8b8fa&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1255588/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780589&vi=1673422779025&ri=2398f153f672972d74f71d8f08b8b8fa&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1255588/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=1500&msa=5811&rv=1&tim=1673422780589&vi=1673422779025&ri=2398f153f672972d74f71d8f08b8b8fa&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
www.basichiccup.shop/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
188.114.97.1200 OK 383 B URL HTTP/1.1 www.basichiccup.shop/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6cead4d2ea8ebb1492740493e25cbb35
19146417c0c9e562747103a6ed5d7329add7ed28
0504ca79ab9e4c3a86c4a3fcc916f0686b23cf0b6c573f9e63ff603b3581f14e
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Goog-Visitor-Id: CgtPdkRpdzJncjV6USj_r_aRBg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20220323.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1673422778879&flash=0&frm=1&u_tz&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&bc=23&bih=939&biw=1268&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C813%2C457&vis=1&wgl=true&ca_type=image
Content-Length: 2991
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection_files/0hhQzuJFAxA.htm
Cookie: _ga=GA1.2.1827950795.1673422777; _gid=GA1.2.806708181.1673422777; _gat=1; _gat_gtag_UA_22484186_3=1; _fbp=fb.1.1673422779312.1785965143
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDg4bbk5bl1NjJ26X8X5QISLByl6nR6JFCzKhpTakd5OgTjbDeE0PtjkRDolsEY1zse61tn0hdde5gRrxMti82o7mNCPRpHRNNCPczXvkArsta6RT7lqCrEwqam2lFSqjCYUXAR0bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 787c00560c6cb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
trc-events.taboola.com/1240201/log/3/unip?en=pre_d_eng_tb&tos=4565&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783593&vi=1673422779025&ri=b03f94f76aaa989c1837f924dfba4a3c&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1240201/log/3/unip?en=pre_d_eng_tb&tos=4565&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783593&vi=1673422779025&ri=b03f94f76aaa989c1837f924dfba4a3c&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1240201/log/3/unip?en=pre_d_eng_tb&tos=4565&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783593&vi=1673422779025&ri=b03f94f76aaa989c1837f924dfba4a3c&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1240208/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783594&vi=1673422779025&ri=a7875a432c7e6b57312a3ebdaae62ae8&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1240208/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783594&vi=1673422779025&ri=a7875a432c7e6b57312a3ebdaae62ae8&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1240208/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783594&vi=1673422779025&ri=a7875a432c7e6b57312a3ebdaae62ae8&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1240211/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783595&vi=1673422779025&ri=e13c2c2c4b2293312947805b70ce9922&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1240211/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783595&vi=1673422779025&ri=e13c2c2c4b2293312947805b70ce9922&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1240211/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783595&vi=1673422779025&ri=e13c2c2c4b2293312947805b70ce9922&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1255586/log/3/unip?en=pre_d_eng_tb&tos=4569&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783596&vi=1673422779025&ri=1066b659297e1a1b71d622a6d5cfdf42&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1255586/log/3/unip?en=pre_d_eng_tb&tos=4569&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783596&vi=1673422779025&ri=1066b659297e1a1b71d622a6d5cfdf42&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1255586/log/3/unip?en=pre_d_eng_tb&tos=4569&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783596&vi=1673422779025&ri=1066b659297e1a1b71d622a6d5cfdf42&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1255587/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783598&vi=1673422779025&ri=0626a588a36111038a1922c971043bc2&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1255587/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783598&vi=1673422779025&ri=0626a588a36111038a1922c971043bc2&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1255587/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783598&vi=1673422779025&ri=0626a588a36111038a1922c971043bc2&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1255588/log/3/unip?en=pre_d_eng_tb&tos=4571&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783599&vi=1673422779025&ri=2398f153f672972d74f71d8f08b8b8fa&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1255588/log/3/unip?en=pre_d_eng_tb&tos=4571&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783599&vi=1673422779025&ri=2398f153f672972d74f71d8f08b8b8fa&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1255588/log/3/unip?en=pre_d_eng_tb&tos=4571&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783599&vi=1673422779025&ri=2398f153f672972d74f71d8f08b8b8fa&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1255589/log/3/unip?en=pre_d_eng_tb&tos=4572&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783600&vi=1673422779025&ri=2d5f0c648e56c21df1421f833257ac7a&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1255589/log/3/unip?en=pre_d_eng_tb&tos=4572&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783600&vi=1673422779025&ri=2d5f0c648e56c21df1421f833257ac7a&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1255589/log/3/unip?en=pre_d_eng_tb&tos=4572&scd=0&ssd=1&est=1673422779027&ver=36&isls=true&src=i&invt=3000&msa=5811&rv=1&tim=1673422783600&vi=1673422779025&ri=2d5f0c648e56c21df1421f833257ac7a&ref=null&cv=20230108-3-RELEASE&item-url=http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.basichiccup.shop
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jan 2023 07:39:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.basichiccup.shop
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=66dff31435
172.64.169.22200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=66dff31435
IP 172.64.169.22:0
GET /releases/v5.15.4/css/free.min.css?token=66dff31435 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.basichiccup.shop/
Origin: http://www.basichiccup.shop
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 07:39:51 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3c40a0775e2798dc9f20a237d0225e44.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 7kBe6-2YwKrsav2ML4gowlBTTWAQMEoY4eMC2xRhKn7BsrgJbey-_w==
age: 104369
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pBQKB7q%2B65HWPwSy120hyiv4zyHhaHo19rQrn8IiuCJHYNyav9ac0R8ezauZUVdyZeAKor37r98WdqTwWopC74%2FqzJMRBgReMBqW8nMBjwsdCRraDpipDdSid6lN8P7jYQrWrtUig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787c003ccd837744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.basichiccup.shop/clicks/SleepConnection_files/sleep24a.jpg
188.114.97.1200 OK 0 B URL HTTP/1.1 www.basichiccup.shop/clicks/SleepConnection_files/sleep24a.jpg
IP 188.114.97.1:0
GET /clicks/SleepConnection_files/sleep24a.jpg HTTP/1.1
Host: www.basichiccup.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.basichiccup.shop/clicks/SleepConnection.php?sid=1004058&h=nT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg/JMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 07:39:52 GMT
Content-Type: image/jpeg
Content-Length: 124248
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 14:57:44 GMT
ETag: "63a31ee8-1e558"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7woMON86A%2BATsBNfsWumpYQ%2F9hUxOpyyUHld%2BgQ6g9gx4u6R2yvIIigwRgQxOfGzuHWlA9GywrXH7yg3wpCRMLylkW9%2BhjX7p0mzFN09QfGzLmrtW49BFeSsdVF0adOr1HM%2BBWRBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c0042bf2f0b41-OSL
alt-svc: h2=":443"; ma=60
trc.taboola.com/1255589/trc/3/json?tim=1673422779224&data=%7B%22id%22%3A900%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback6%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.1.44200 OK 0 B URL HTTP/2 trc.taboola.com/1255589/trc/3/json?tim=1673422779224&data=%7B%22id%22%3A900%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback6%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.1.44:0
GET /1255589/trc/3/json?tim=1673422779224&data=%7B%22id%22%3A900%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback6%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 11 Jan 2023 07:39:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673422793.458715,VS0,VE110
vary: Accept-Encoding
x-vcl-time-ms: 110
X-Firefox-Spdy: h2
trc.taboola.com/1240211/trc/3/json?tim=1673422779216&data=%7B%22id%22%3A629%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779035%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.1.44200 OK 0 B URL HTTP/2 trc.taboola.com/1240211/trc/3/json?tim=1673422779216&data=%7B%22id%22%3A629%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779035%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.1.44:0
GET /1240211/trc/3/json?tim=1673422779216&data=%7B%22id%22%3A629%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback2%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779035%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 11 Jan 2023 07:39:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673422793.459644,VS0,VE114
vary: Accept-Encoding
x-vcl-time-ms: 114
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=66dff31435
172.64.169.22200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=66dff31435
IP 172.64.169.22:0
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=66dff31435 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.basichiccup.shop/
Origin: http://www.basichiccup.shop
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 07:39:51 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f40585e1285ddfba696e566c1dd902de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 0Zqtu-zXi07ysT2VN-QhsZHiGI9RoAlQhbIW9zr3o3sA_Ei2vsDfgQ==
age: 104369
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLyXYunwAA2vaIoyMpt2KJ59wpegkISl4mCHnl99BXfk4L7oJLdSQDunxhCnTniTiOQVq%2Fdf1QRpaeqSY54x8k2T04LZz10rFb0Kn43YciZx8XZ%2BetARcZtVG7GC70NyyZwg2PYsRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787c003ccd857744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1240201/trc/3/json?tim=1673422779030&data=%7B%22id%22%3A301%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779029%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.1.44200 OK 0 B URL HTTP/2 trc.taboola.com/1240201/trc/3/json?tim=1673422779030&data=%7B%22id%22%3A301%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779029%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.1.44:0
GET /1240201/trc/3/json?tim=1673422779030&data=%7B%22id%22%3A301%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779029%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 11 Jan 2023 07:39:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673422793.305893,VS0,VE117
vary: Accept-Encoding
x-vcl-time-ms: 117
X-Firefox-Spdy: h2
trc.taboola.com/1255587/trc/3/json?tim=1673422779220&data=%7B%22id%22%3A655%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback4%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.1.44200 OK 0 B URL HTTP/2 trc.taboola.com/1255587/trc/3/json?tim=1673422779220&data=%7B%22id%22%3A655%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback4%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.1.44:0
GET /1255587/trc/3/json?tim=1673422779220&data=%7B%22id%22%3A655%2C%22ii%22%3A%22%2Fsleepconnection%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673422779025%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.snorestopper-watch.com%2Fsleepconnection%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback4%22%2C%22qs%22%3A%22%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-35-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1673422779036%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.basichiccup.shop%2Fclicks%2FSleepConnection.php%3Fsid%3D1004058%26h%3DnT7mqffIXgtX8UDainxExM64ciSERVeMzq21dfcPzmg%2FJMqQc7XgvLFuO0oqUb2bz-6WZxQ_7wjBkJ_32WSs5iCwebcovnDjQeyMBmcQY_J_2QP-oKT9fCeATYgw-3E_zmjB67cehribtumqlg0QwHzkVLM5wHl-zzG51XXHCzwK%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.basichiccup.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 11 Jan 2023 07:39:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673422793.459893,VS0,VE110
vary: Accept-Encoding
x-vcl-time-ms: 110
X-Firefox-Spdy: h2