afuncan.com/images/a-logo.png
104.21.65.132200 OK 3.8 kB URL GET HTTP/3 afuncan.com/images/a-logo.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 228 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 67fc61f966ca011c17b31f2882887e3c
6681ad1328df4fcbd83099d792f9fd6651e40dec
63bebcc290548f2787451225dbbb18821a960500580bda3e4bd9e46c38fbf4dd
GET /images/a-logo.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 3757
last-modified: Sun, 09 Apr 2023 03:17:49 GMT
etag: "ead-5f8deb3f69c01"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WID%2F%2FXgxqVJfgdM97G2ofRJ7tHP3dbOJFfFzKFl84oOpKhXKi3LTsaA38RKX3QgzuWS9DrixD9fUolBXDJT787ZIc2K%2BhzvIh5D%2FLnzQu4ZicWiTn8j7abMYuRWIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a47b31fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 770261
expires: Thu, 09 May 2024 20:19:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBptmKp0AyEe%2FnriO1i%2BzFvQuUfLMg34Hc6Wf5V8T38FVq%2B%2B%2BYPTcGxA2q3xpxYo1LBEOc0yFqpq1%2BsmzgDeSvsmUWYRG1Yb48Hzzuyhx8uLnw2k4od3SbuZVykXC5IlKaG5BwJ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ca746a4bc2a0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
afuncan.com/content/themes/dark-grid/images/star-5.png
104.21.65.132200 OK 750 B URL GET HTTP/3 afuncan.com/content/themes/dark-grid/images/star-5.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 100 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash e4fbff9435793b7882853140c30f6a51
d5e3a909855ed159b50277740a498e1b2374fbb2
9eb844a3f703f015f2496f3b57460617fac4260402052c651022d1bc4fa0146b
GET /content/themes/dark-grid/images/star-5.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 750
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: "2ee-5f8baff7f0cf2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmOVPGqLv%2FULTdunDj5qNuwxk%2BANUq%2B6wkOUx%2BAaKBJwUSGIPgsx%2FL%2FhaQZRAWXwd9UngUNPbt3iCIJKLvSx%2FrHy3FKIAllY20tbIrdRkdKsQShjSmJYWWptBu6hnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb65fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/brick-out/thumb_2.png
104.21.65.132200 OK 82 kB URL GET HTTP/3 afuncan.com/games/brick-out/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ae483edc1839af610dc148748bb5628
6e588b8eb05c27ed9865ee8ab5912393aee22ecb
1c0b65210d85ffb41bc62809f949e1884b80c10eceb48becc71cb76a25c01856
GET /games/brick-out/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 82172
last-modified: Mon, 10 Apr 2023 02:35:27 GMT
etag: "140fc-5f8f23a4ce4f3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMBfi3ZdEmakThWsdO4nQz8e8Aur%2F3IcHzI7h3XkyTIWc96ST72kjgU0MlR2QHKmkGVkQK5jaEJotUp7UbeGJv9i2a24HXXpjmrzPvzkKOcZW2ovEuy%2FVICMH%2FW9RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb66fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/ninja-run/thumb_2.png
104.21.65.132200 OK 116 kB URL GET HTTP/3 afuncan.com/games/ninja-run/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (116389 bytes)
Hash 675d342303abfc20f33a026b70016894
e101487b3977125189a83c01d17a5d29c160672f
1ad288ea09018b96aed178e346a10ce208032784cf41558443f902fa5e82deee
GET /games/ninja-run/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 116389
last-modified: Mon, 10 Apr 2023 02:46:06 GMT
etag: "1c6a5-5f8f2605f9cf0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9oDL22bpeam7sx%2FCEQmXxnhZhUJeMw7yb6uWZEKW1lKN1tHyzHD4%2F7QJnT7shlKn34xpszOur%2Fog1adllaA%2BBddwRjAElZtQXKYjfxl%2Bqopyc16GTmlWBJuDD5muw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb67fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/halloween-bubble-shooter/thumb_2.png
104.21.65.132200 OK 114 kB URL GET HTTP/3 afuncan.com/games/halloween-bubble-shooter/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 114 kB (114014 bytes)
Hash dd13b06819d788d3f88ec5c6df40f8bc
ce7909cfbd2a19726ce62e1bae9e972a8ebd31fc
6007ea58ba1bde429a66d39ac2e49f5136281d8b79889da9746c4a4ffc5014b2
GET /games/halloween-bubble-shooter/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 114014
last-modified: Mon, 10 Apr 2023 02:42:01 GMT
etag: "1bd5e-5f8f251cf5f51"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5oie2Y8Ao0HGlDv74p%2FARG0WkKTkU382c47cLeYXekYfsTJbUGeZOkTMhW0JcLRltC3MnLmdkej93KEJb4tA9JAoueW2Z58iwKasa6TeUt%2FClrFPl2emlcPfpiu6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb63fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/viking-escape/thumb_2.png
104.21.65.132200 OK 68 kB URL GET HTTP/3 afuncan.com/games/viking-escape/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash d1f5a2a99131c447ea49ab8bcf768b4c
186821fb86a3e32a4cbcdb5d52ac4a104c316d56
b0ce7897c1fa7da7cce03ad8eac4ff53b9260bbcf3c175d7a5b6c5a68285803f
GET /games/viking-escape/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 68174
last-modified: Mon, 10 Apr 2023 02:30:08 GMT
etag: "10a4e-5f8f2274af941"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5llV4YpQtB3B8SuUUkifoMsQLmx0PaNywFBqrJX7Z1uOfSIUhWHmdB3ycQlfJg%2F5nholAuxlZxL3V7Wx9neAuwfZhMhDx3Xs1y3c83liFU9q3KwLjI596WxtNMfFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb69fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/swat-vs-zombies/thumb_2.png
104.21.65.132200 OK 63 kB URL GET HTTP/3 afuncan.com/games/swat-vs-zombies/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 18cba20ca4489470634e33eb45bd03b1
8272260d297a82c87e90bdfb29556d9f38646b2b
7c5e24930f065a6e25257742a7dc8e509f64f9b79023ce50b1c0ca84873f68c6
GET /games/swat-vs-zombies/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 62634
last-modified: Mon, 10 Apr 2023 01:37:19 GMT
etag: "f4aa-5f8f16a685cd7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6SgL%2BAhHUEDllrEk8P6Pz8sLgsWlMMMhnQVz9VR%2F%2FyK%2FIyye2AvgHNtMGCnHR0fRrd6apkcKdOjqZKqqiSCffCgFJCcP%2Ftco8E63NN%2BsqKRwtUMKPzqXq32IYyUlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb6bfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/duck-hunter/thumb_2.png
104.21.65.132200 OK 58 kB URL GET HTTP/3 afuncan.com/games/duck-hunter/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 58c0f5cdfb12c85a2780d27371022e0a
40fa3ab19906bdb4d459b9972114cd0b31996914
59615b4f9f9fdc5ac838119c3172e81fd3b0ec0c5e6b694585185a6be0d084f8
GET /games/duck-hunter/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 58345
last-modified: Sun, 09 Apr 2023 02:59:02 GMT
etag: "e3e9-5f8de70cd76fd"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYNnz%2ByZwCpmyztvB2vNXsWSqYGMIZDJ5UEJwUPnU%2B65ThMmZ6PZkuZZXG30TTliSo5DdUa1C8bGiXaqdZ7vM4dLC1IKQ2dUR7tdSwQi1zn%2BYeAKs0fKQoNaEuuHgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb6dfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
thewoksoflife.com/wp-content/uploads/2020/01/TWOL_chinese-zodiac-02-e1580146790695.png
104.26.13.200200 OK 48 kB URL GET HTTP/2 thewoksoflife.com/wp-content/uploads/2020/01/TWOL_chinese-zodiac-02-e1580146790695.png
IP 104.26.13.200:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint54:3E:8F:C6:98:4B:3F:BC:02:64:75:04:16:6C:66:62:1D:1B:F1:3C
ValidityMon, 08 May 2023 00:00:00 GMT - Tue, 07 May 2024 23:59:59 GMT
File type PNG image data, 600 x 992, 8-bit colormap, non-interlaced\012- data
Hash 9919940c71d7cf9f7f7d06175272106e
d557fc9707f493bc55d01ec70bb71c0cbed747da
76b51b645a5aa5bc8ff8c2d3de774fde56880e1b4204df383b8765ccc4876152
GET /wp-content/uploads/2020/01/TWOL_chinese-zodiac-02-e1580146790695.png HTTP/1.1
Host: thewoksoflife.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 48355
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
access-control-allow-origin: *
etag: "5f7c765f-bce3"
last-modified: Tue, 06 Oct 2020 13:51:27 GMT
vary: Accept-Encoding
x-hosted-by: BigScoots
x-powered-by: centminmod
cf-cache-status: HIT
age: 46801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpALqfdEzMAmGTDDnEm15HHG0%2Buhrm8zBh1ztFRyF6Sx7cHGqNZX671NgYO1JpAH1p9NB6DF5ozJk0pTTKfEgH8eEbuvmU%2FqORNuzlyMNSHqVfnQPeWJ7UWLmBjYV5x43%2FeS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a50815b4f7-OSL
X-Firefox-Spdy: h2
afuncan.com/games/fruitsnake/thumb_2.png
104.21.65.132200 OK 104 kB URL GET HTTP/3 afuncan.com/games/fruitsnake/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 104 kB (104539 bytes)
Hash 8cad13ce81753fb7959b4187b57e257d
2943b418b7da951ba9b0fb3801102a8777230ff2
ef26daccdb0a9e6c75150bbaabe440062f1ca56079d92f6627d53aaf8deece7e
GET /games/fruitsnake/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 104539
last-modified: Mon, 10 Apr 2023 02:52:46 GMT
etag: "1985b-5f8f2783f2785"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCxueB5GYDx44CzqAEe2ao6Q6NIPXPh5mxFfPzgn%2BoNkTpjgRyozHAscE9PSt7InpjvuGPoB52FyZ%2FhK8B1Gd0OjsUy%2FsGnr0moWsr4%2FpC052lRJuTYVIAJe5MwbTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb70fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/tank-defender/thumb_2.png
104.21.65.132200 OK 68 kB URL GET HTTP/3 afuncan.com/games/tank-defender/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 80253243e50302c69fd829df32abc2c6
4abe8ee0966f54cf504601b71952fba7032a972a
d9f231ba7c8ea732cc866931449f4ea709fade9570de17bd0aa08f4a5894bd43
GET /games/tank-defender/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 68373
last-modified: Mon, 10 Apr 2023 02:59:11 GMT
etag: "10b15-5f8f28f339a83"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcJFqT%2BWxbgGIu5zlIlfRrjBfxCCBDO1%2FpneqX%2Fu1v%2FMbGjcUKWNY98gxcyRf%2FENNGHmq9CXdPUgbwPAvZEfXXh88TdZd7uUAFHMB63c5DuYTKPFLj%2FBkXGiNBDIJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb6efab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/ranger-vs-zombies/thumb_2.png
104.21.65.132200 OK 87 kB URL GET HTTP/3 afuncan.com/games/ranger-vs-zombies/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash b73bea120916626f8390d6f0fd62e5b5
c193d3d151558490f2ed02fd8750198260daec0b
564d17d6617722c7a4acedfee8181170526f2fbfed95a67cf069eb0146a42c66
GET /games/ranger-vs-zombies/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 87378
last-modified: Mon, 10 Apr 2023 02:38:39 GMT
etag: "15552-5f8f245bb6096"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVqhTbLFdj5PUoOMORrD0A%2BEAXbzcRnbuOEM7FU%2FVJjVrXKI8wqVi0sKahubfqJA8LHsrb98gTqLY3%2FnSCj1T32z3pKvPBgVw9EHx%2BxVUAZ0wX4oI9FF7UqruYi4lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb6ffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/plumber/thumb_2.png
104.21.65.132200 OK 100 kB URL GET HTTP/3 afuncan.com/games/plumber/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 100 kB (100216 bytes)
Hash 20728a8678c8eeb4dd68ef5dfca06a50
b78221b86b3aeb83a1dfd5f460d1b00b955c4191
c68803bc62949a7a34c668f8383f4cffc22b90d38b01c6cc063069369eb45f9e
GET /games/plumber/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 100216
last-modified: Mon, 10 Apr 2023 02:17:23 GMT
etag: "18778-5f8f1f9b524e4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahRZJzrcgaXd%2FUB8HE6%2ByosUustD0To1f0iup2%2BOE6NjeR2xK5cXEO%2BRPuOuKE4esJhmjxqag%2FN7e4SieLxd1T%2FJF1W6d%2F%2FAsIZzJR2nkuws6b5gxsKrxhUgklOo3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4bb72fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/gold-miner/thumb_2.png
104.21.65.132200 OK 72 kB URL GET HTTP/3 afuncan.com/games/gold-miner/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 909a88e0f4761e452c5a18dd78e42e42
59ddac47be1450b4307766d30560e97289466f85
b06cc39356cad09783973f5c9c42bc0f5805246739c47d48280ca4e639354059
GET /games/gold-miner/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 72150
last-modified: Mon, 10 Apr 2023 02:22:23 GMT
etag: "119d6-5f8f20b8ff9a0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkCwWe%2FEysg6UXxr4f5EVNG%2BDvEAISHgxpDpaYSLnlGJiUGqI0EXb8wXeISHgqRVC9Umeehd%2FjU89uD0rv6fmapkyjERg7xOYYQMkR8Sk0R1Phbd8ZPjYEbIbaZw8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4cb76fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/tank-wars/thumb_2.png
104.21.65.132200 OK 5.6 kB URL GET HTTP/3 afuncan.com/games/tank-wars/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash cbec8f27b49f065b909331ada4258403
c9665f19515a72b8891c0a089bf7196c7cda1831
748c54e441795663fa3c063cf7c4c6ac625aa14b827c91667c7bb26ec0632ba9
GET /games/tank-wars/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 5612
last-modified: Mon, 10 Apr 2023 01:53:05 GMT
etag: "15ec-5f8f1a2c5e587"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByhPJ38qR4eYu99k3OH9UDP87DJzwBU9%2FGo7s32YftEHq77PCYFFnsZ81jcBZqzM6R5Gwfad7EEY3sAwOn8eKzy%2B4V9udGEa13Cuo%2BtY%2BS2imuFTnqVDuLQQLZ0T0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4cb84fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/zombie-buster/thumb_2.png
104.21.65.132200 OK 67 kB URL GET HTTP/3 afuncan.com/games/zombie-buster/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a9286261f2301340b35c060af25209a
cd47c108735a90a5eead196fadff17419b16f63c
cdcf1cb281a8353edc08eb1d9703491a897beaa679516bbe1afb132903fedb2f
GET /games/zombie-buster/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 66601
last-modified: Mon, 10 Apr 2023 02:09:26 GMT
etag: "10429-5f8f1dd45ae0d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbvHg60E8%2FmRYetNWdaIe6MaFm%2BRAZetMAbQZAG%2BckYCFwDg%2F9MeuwoGfW5z9cqyLWndULGFLNtSXmp0IBu%2Bde1buXzp5PTZ2bQcrdeLxFKWlTqhxZphNE%2BwtsJz%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4cb83fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/stick-monkey/thumb_2.png
104.21.65.132200 OK 42 kB URL GET HTTP/3 afuncan.com/games/stick-monkey/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash aee2fdb36fee9896fc307dee558405c4
5fa3c1c20d221e350c620e5959633711b23fc615
3c954596bd2a354552e6bf3d6e1cc8345e271592e755e5fca7e63aceb41c6041
GET /games/stick-monkey/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 42152
last-modified: Mon, 10 Apr 2023 02:13:11 GMT
etag: "a4a8-5f8f1eaaf9805"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39e4yCBusWoTWP9GkFyWwp%2BAiqB33m%2BoTptTmo9PMiM7xzfxwgLeSk4tTroN7%2FaxWq4gpuDR9RbHHkgdlkLFBrGQD0JMURW2%2BnPx5NXkP2BcQnSkCJCM27N1OWxR0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4cb7ffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/mad-shark/thumb_2.png
104.21.65.132200 OK 129 kB URL GET HTTP/3 afuncan.com/games/mad-shark/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 129 kB (128842 bytes)
Hash 20c7358e48ad8bd3e8aa05b1d5feaabb
f00ecc0e5535c8072e908333b5f136da6b0443d3
8865e9b6f009cd68d7b8c20a3b0adf115900097ae089996166335839809a23d3
GET /games/mad-shark/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 128842
last-modified: Mon, 10 Apr 2023 03:47:49 GMT
etag: "1f74a-5f8f33d165efe"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbryOJzzOfkPwp46UwbfBJIiSSSDJQ%2FlqnKw%2FejdpU9d9g3EVG2ubHIjoDFp%2FpsLXwmY5%2FiHqPPWuRElhGhBpMXjwFMm22NOPEQOVZarrkrhHENmqNXoXQTTlzDvKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4cb88fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/great-air-battles/thumb_2.png
104.21.65.132200 OK 91 kB URL GET HTTP/3 afuncan.com/games/great-air-battles/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d413bee7f754d9f071a2fddb301e971
4dbc4e687265a7a9b72bea1e5ffb316b37724306
a834cd181b32a465a1e90945a3fa5a181f19c7cae5eb1770538d52b1ffdbd9e3
GET /games/great-air-battles/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 90634
last-modified: Mon, 10 Apr 2023 03:45:44 GMT
etag: "1620a-5f8f335a5ebf7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTDE9qjGq%2F%2BUXSgsV0To%2BYemSiDfk7sh870UaDKdO31ooup0TLrXJwqj3gDlYkPaVgfsqOPgLJlNj9rSaQePFHxv2dmE69hiXEl1NRJKZ8ehBse1cfkxlcw%2BEDgKYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4cb87fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/kids-true-colors/thumb_2.png
104.21.65.132200 OK 127 kB URL GET HTTP/3 afuncan.com/games/kids-true-colors/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (126884 bytes)
Hash 9311de5390efdb81eae748203c5de8f2
91d5b771482dc6a0abbbd6493bebf321560922d2
8284a4c4a8b4351395b4eceb067e08e855da79b6569181d29d753c70ee1df6bf
GET /games/kids-true-colors/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 126884
last-modified: Mon, 10 Apr 2023 03:42:43 GMT
etag: "1efa4-5f8f32ada6ee3"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbx2VZ5wux05b4pg4pEL7%2FRxP6QQBr10UTNtdcC%2FEn9%2Bpe3GsOLEES3%2BdxHj%2Boay7mWM0DdQ0%2F%2BQYLre5wMSKkalxT%2BvqJ7ATMuowxXviRDZlYna43PPJVcRZcH%2F4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4dba4fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/christmas-balloons/thumb_2.png
104.21.65.132200 OK 138 kB URL GET HTTP/3 afuncan.com/games/christmas-balloons/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 138 kB (138272 bytes)
Hash 04ea4e6f1f5bcb0d22f05fef3b1e03ec
4900b17a8916ff9ae1a66c32eaa57e7145110658
7d0cf53bb78485eb3bc9bc8d8d25a21f335b04ccd07cfb8c7396c65567ff8f8e
GET /games/christmas-balloons/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 138272
last-modified: Mon, 10 Apr 2023 03:40:09 GMT
etag: "21c20-5f8f321b5857d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTCx4d%2Fsd6%2FdrtdX9Q7EEkxSa44LZ%2FA0kloz7QqfktAEnspMeCmYRWmc8ujvvxKCCg%2Fu4Qdn%2BLo3fVIddO1ZKLmtaNW6FlGNuOR5wvsJclgJt299gb4BCP2%2BJ1ISEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4dba2fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/christmas-match3/thumb_2.png
104.21.65.132200 OK 121 kB URL GET HTTP/3 afuncan.com/games/christmas-match3/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 121 kB (121388 bytes)
Hash fe98ce6497f12e559c7d8874555108af
fc45bcdfcdcffe1439880b3a58b23ecf1e4fc338
6dded15ca447bd40a8bc2abdd9baeb0c5b56af185080a911ca3fa68bec3a6ac1
GET /games/christmas-match3/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 121388
last-modified: Mon, 10 Apr 2023 03:38:05 GMT
etag: "1da2c-5f8f31a4e5d5d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cM6054l3Jb52HG4xdshfN0jsYdu3xJIkC5ADOHVtfc3T4bSb2L8om5okJ7LfPW0v2x2U5kp%2Fei%2BwbC41nG1sJOy%2F9zyHve%2FER8%2BcknpZ03hH8DfPxMD9S2YYkO0zbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4dba0fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/speed-racer/thumb_2.png
104.21.65.132200 OK 133 kB URL GET HTTP/3 afuncan.com/games/speed-racer/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 133 kB (133110 bytes)
Hash 72bae97eaa2dd8b741fe3019cd4aacfa
446d9bce822cb8252ac160e9b948c37ea8c82520
abba82e29b6e78c6f283f71ab3a234bcb909f7fd76963eadcdb9e54a49ed7a3d
GET /games/speed-racer/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 133110
last-modified: Mon, 10 Apr 2023 03:34:28 GMT
etag: "207f6-5f8f30d57af64"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2F3DZEeqcpYFXbkiIDlH89G1uduc3Ny%2BeJZ%2F1Izhup6C2gTutrfhMQGs1XP2gxudGQ1RxnQtGUYQtYCsiV%2Bxpdtc73td8rUN2%2FdOC44VxeFSjr1Qy68sIEXpM0V3yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4ebaafab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
data.chinatravel.com/images/mobile-first/chinese-zodiac/chinese-zodiac-years.jpg
23.36.79.8200 OK 36 kB URL GET HTTP/2 data.chinatravel.com/images/mobile-first/chinese-zodiac/chinese-zodiac-years.jpg
IP 23.36.79.8:443
ASN #20940 Akamai International B.V.
Certificate IssuerLet's Encrypt
Subjectchinahighlights.com
FingerprintAB:71:A6:40:27:71:EE:E0:F6:D4:F8:AD:F1:A5:A9:09:F1:36:09:60
ValidityMon, 03 Apr 2023 02:43:49 GMT - Sun, 02 Jul 2023 02:43:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c19f26d8b194ee041be51f206caa208f
af1bf491449a8c07590c493a6ae35744a84249e7
d356c0102a2a419dd34847096d8fa50a0990143935b6b16928352b516829aae3
GET /images/mobile-first/chinese-zodiac/chinese-zodiac-years.jpg HTTP/1.1
Host: data.chinatravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
content-type: image/webp
content-length: 36392
last-modified: Fri, 06 May 2022 17:31:57 GMT
x-powered-by: PHP/5.6.31, ASP.NET
access-control-allow-headers: X-Requested-With,X_Requested_With
cache-control: max-age=419545
expires: Thu, 25 May 2023 16:52:06 GMT
date: Sat, 20 May 2023 20:19:41 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
data.chinatravel.com/images/mobile-first/chinese-zodiac/chinese-zodiac-2023.jpg
23.36.79.8200 OK 48 kB URL GET HTTP/2 data.chinatravel.com/images/mobile-first/chinese-zodiac/chinese-zodiac-2023.jpg
IP 23.36.79.8:443
ASN #20940 Akamai International B.V.
Certificate IssuerLet's Encrypt
Subjectchinahighlights.com
FingerprintAB:71:A6:40:27:71:EE:E0:F6:D4:F8:AD:F1:A5:A9:09:F1:36:09:60
ValidityMon, 03 Apr 2023 02:43:49 GMT - Sun, 02 Jul 2023 02:43:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f946396fbe04ccce9d7ac136a0078a25
212f8e452b280af623d027ba252b421ae160e197
ceb2818c51574cfd7bac990d5c2cd1fe671b35aecac460a0443b01bce2a1b281
GET /images/mobile-first/chinese-zodiac/chinese-zodiac-2023.jpg HTTP/1.1
Host: data.chinatravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
content-type: image/webp
content-length: 48512
last-modified: Mon, 09 May 2022 15:31:03 GMT
x-powered-by: PHP/5.6.31, ASP.NET
access-control-allow-headers: X-Requested-With,X_Requested_With
cache-control: max-age=604800
expires: Sat, 27 May 2023 20:19:41 GMT
date: Sat, 20 May 2023 20:19:41 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
afuncan.com/games/christmas-panda-run/thumb_2.png
104.21.65.132200 OK 86 kB URL GET HTTP/3 afuncan.com/games/christmas-panda-run/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 98b7d6630c88a0398c8247bdf720ce42
f61e41c7dcf180c3f909d51316e8d4cb8a7bf938
426f810b32330288c8c649a66a026cf8050ce0458449b81ea1b54066c2d75107
GET /games/christmas-panda-run/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 85702
last-modified: Mon, 10 Apr 2023 03:32:16 GMT
etag: "14ec6-5f8f3057c93ad"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=692l7118rLO9u0%2FGRHQq9iGI8vvETP0wzVtCTMZqzd9cbzbIVq2ufVU2OKAb0M98P%2BRXb6oCmzLnkUMO%2F7%2BePOKefIrBA54%2BbG%2FZptAHMt2PF7le28xuGiPiCmkQBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4eba8fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/zombie-shooter/thumb_2.png
104.21.65.132200 OK 116 kB URL GET HTTP/3 afuncan.com/games/zombie-shooter/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (116470 bytes)
Hash c02dc89d9c52aa6bafa3a0875d09a662
7fa11f0d296e27aa4677bfd2066e0ce3e2dd4483
d82b4183ba95eae0e58d96050bfdde26fb890e80992bdaf6159c71242ab5d6f8
GET /games/zombie-shooter/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 116470
last-modified: Mon, 10 Apr 2023 03:29:16 GMT
etag: "1c6f6-5f8f2fac9af79"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VA5x8M0iBbVATSzXGB8yAlc95gzWdUFtd5eAtUGE75CfMjwhLnTn2x%2Blqf1l77B20Kb%2ByhqYBod9Dd2NVTYVQio1FogXIWdcwSZ3i6FtIHfD9kzaLNHDYLjTXnzSQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4eba9fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
data.chinatravel.com/images/mobile-first/chinese-zodiac/chinese-zodiac-compatibility-chart.jpg
23.36.79.8200 OK 44 kB URL GET HTTP/2 data.chinatravel.com/images/mobile-first/chinese-zodiac/chinese-zodiac-compatibility-chart.jpg
IP 23.36.79.8:443
ASN #20940 Akamai International B.V.
Certificate IssuerLet's Encrypt
Subjectchinahighlights.com
FingerprintAB:71:A6:40:27:71:EE:E0:F6:D4:F8:AD:F1:A5:A9:09:F1:36:09:60
ValidityMon, 03 Apr 2023 02:43:49 GMT - Sun, 02 Jul 2023 02:43:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x630, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 91d8ce006a49cc812b7e489153c987e7
51cc353fc1869e4d11d864f32103d33eef4cb049
66ef844c9f263fb3179d3665ee11591976fbdf302844efbb71ebd510021b913b
GET /images/mobile-first/chinese-zodiac/chinese-zodiac-compatibility-chart.jpg HTTP/1.1
Host: data.chinatravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
content-type: image/webp
content-length: 43904
last-modified: Tue, 31 May 2022 14:23:02 GMT
x-powered-by: PHP/5.6.31, ASP.NET
access-control-allow-headers: X-Requested-With,X_Requested_With
cache-control: max-age=604800
expires: Sat, 27 May 2023 20:19:41 GMT
date: Sat, 20 May 2023 20:19:41 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
afuncan.com/games/shoot-robbers/thumb_2.png
104.21.65.132200 OK 86 kB URL GET HTTP/3 afuncan.com/games/shoot-robbers/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash bc3333d9fe8eb974aee40287558e99d5
6336f51e02e5361e10c8597fa11ce6969a430fde
64e75f011e0487a6a5addd4a4beeca84080fbcc2a18ccced630ea06f0d66bfb7
GET /games/shoot-robbers/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 85769
last-modified: Mon, 10 Apr 2023 03:26:18 GMT
etag: "14f09-5f8f2f0231b9d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFgSrrxAUXKX6k3qbbu5PD3MkWZPVemh110B%2FKyJxLnwHQ%2FPs9NVf4ImMaRBrqhZvzZiEUaE66HZDv1mJKEkYxyp9W%2BpJZaVHjUxLC9jv%2FdOSCiqni1neywViTQcCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4eba7fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/jelly/thumb_2.png
104.21.65.132200 OK 119 kB URL GET HTTP/3 afuncan.com/games/jelly/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 119 kB (118788 bytes)
Hash 888a0406f5da5942330741b113903c09
c63a49d73e740c4f9e6d91368988006d3c7679c3
bdb665f65ed07c389f6d284996721947640d422a974ce4eed9c5a93841819e8a
GET /games/jelly/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 118788
last-modified: Mon, 10 Apr 2023 03:23:50 GMT
etag: "1d004-5f8f2e753d7ff"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q0OuXF5X96qocTGlgwjDyX6vbBtSJkLfSlPL5sVcXIjqGtlkzjbRtjPT%2FhqKqHWP9dLmjgYhKzoC7CIBgWNrSS1HViMNAdtl5PtRLFwPOyW%2FKtOE4ZyWGjny72tUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4ebaefab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/candy-super-lines/thumb_2.png
104.21.65.132200 OK 161 kB URL GET HTTP/3 afuncan.com/games/candy-super-lines/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (161052 bytes)
Hash 89b8da2137b74e8f41e75e5ab466e920
c1f45dee74e3f311dd6d62acd897ea2b5a212904
16098ac8b6489bd5bb2c11ebd8b250055d72a18e89958963816bac00b2e83b8c
GET /games/candy-super-lines/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 161052
last-modified: Mon, 10 Apr 2023 03:20:28 GMT
etag: "2751c-5f8f2db45c8cd"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16YsP%2B79dEpxopQ84eZiigtwnlepoGGOspScRrFGItTaEUfBFcE9IczBlDAKFpcLk0rz%2B4cStQ4jUc3HZIz5wrlKYOWEmAak3ka1LO%2B14aKlbgnQ7msu4jqR%2B2BZCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4ebacfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/girl-dress-up/thumb_2.png
104.21.65.132200 OK 103 kB URL GET HTTP/3 afuncan.com/games/girl-dress-up/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 103 kB (103037 bytes)
Hash fe73eaf2e8dea655c1e1f6f67ac849cf
af965616bded17fd9a698a174c0a1ed3e7d629ab
b90e3bb0c482850ccd57215d4d6031b2ec45131a6feb8423fa0517cb3889eaba
GET /games/girl-dress-up/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 103037
last-modified: Mon, 10 Apr 2023 03:17:47 GMT
etag: "1927d-5f8f2d1af58e8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrASbCrs3bKiVhP7mZxP%2FXZh4poVlfuc8YN4%2BtotH%2F7gEzfNMe2ao8yU%2Bevnog%2BF%2B9N19I1e%2FA6ANk5z0Rxs3FbfkNTJfmPXH5v51%2BCIyaIPq%2B18020djTUXb8RbVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4ebadfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/traffic/thumb_2.png
104.21.65.132200 OK 97 kB URL GET HTTP/3 afuncan.com/games/traffic/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 801bc6e3e3a0191382ea7497b13e2391
38b221debdc6a862d51808a53630c2e5554e95a9
7e9ebdc839c81f9b23a5b0933d968f8ae93511bb8fe4c827adee62e84c633a08
GET /games/traffic/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 96776
last-modified: Mon, 10 Apr 2023 03:15:09 GMT
etag: "17a08-5f8f2c84f27ba"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4R5is012vl%2B2pzhLqclxw8mv%2Bp0dZEROJiaP8HjePiS22FIYCrftD5fkuliYsUk%2FgTFwljnTxJy%2FL%2BvVuHT4rUROfw2gyJBXEPiOn8kjruI4ozGwWLNT%2BimrIF%2Bdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4fbc1fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/duck-shooter/thumb_2.png
104.21.65.132200 OK 107 kB URL GET HTTP/3 afuncan.com/games/duck-shooter/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 107 kB (106916 bytes)
Hash f679cc19df4f72e41b5afe46d873b7a2
173c9985ae31ecef997b2cdfa6a60d3207cd6512
f6977810078bd25d2cd28e06726aa4b946c92fd92c3416cfe2251693c75a78fe
GET /games/duck-shooter/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 106916
last-modified: Mon, 10 Apr 2023 03:12:23 GMT
etag: "1a1a4-5f8f2be6a0366"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMjP5AW8%2BGQejVI4cGkMI2VIjNmIm1pzcYkNYCA2ZTv7lP9ZIpRN3te8X7z86X9rTJuhFRvprX16Zk5mI89FFYkPJpVQX4uc5ZS%2Fw8VNygREQ6YZoO38kN1vKjZ%2FfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4fbc3fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/space-purge/thumb_2.png
104.21.65.132200 OK 137 kB URL GET HTTP/3 afuncan.com/games/space-purge/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 137 kB (137399 bytes)
Hash 2524d11c2fafcc20fc2d8ebe268731b7
7c6f5a43961451a48e7db75f715b93e0a555802a
810d45f4b12fe22bf3c8ea323b2c50e590520b7e063c92cf683902c334bab22a
GET /games/space-purge/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 137399
last-modified: Mon, 10 Apr 2023 03:07:25 GMT
etag: "218b7-5f8f2ac9b0dba"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ci7yIccImpkiIoTNOHvdOKaM%2FmKQgo7vaIn4CmeMS6%2Fu3iwUlQFvqYs2JRgL4caV%2BO6Srh1qsSENngfIUvCj9KoldH3cIpLdrBqZ%2Fdaf2MeMOu8b2cbdNAxrc3NXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4fbc2fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/super-cowboy-run/thumb_2.png
104.21.65.132200 OK 129 kB URL GET HTTP/3 afuncan.com/games/super-cowboy-run/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 129 kB (129323 bytes)
Hash 9c7a3289d26a28d75d718039c60e1da2
daf7ceb986ddcffeecf91545c858200302c47847
a7da6d2b3a6c4cb334831292e8d263012e6fde5342af7b4a6cc233947ba394b2
GET /games/super-cowboy-run/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 129323
last-modified: Mon, 10 Apr 2023 03:09:55 GMT
etag: "1f92b-5f8f2b58fa7f0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVUKshk4OWUkNuUVKI6LAO6pGnmKurcK7KisUt3yvK%2FoxfLDMlN1ZcXqo4MvJ6yBrjtdWnO5GpchH9mepcWAo5JROCjmxKGuY2Q96arwNPn0CfyVtnirx3BOtkPiAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4fbbffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/crazy-runner/thumb_2.png
104.21.65.132200 OK 62 kB URL GET HTTP/3 afuncan.com/games/crazy-runner/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash b2a4f3d955999d97cfb3274907edd122
518da07a7c3211e3ef82bada22dc3cbe1c7e9f47
e48491e749f4076b329ba91a01b7abd2eee55b3a7b136ebfdefcdad44782cdeb
GET /games/crazy-runner/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 61543
last-modified: Mon, 10 Apr 2023 03:05:11 GMT
etag: "f067-5f8f2a49d896b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYIFjMcRRoJl1CAhUBc%2BOWkzkjYHbx1qqkBab2zR1QUrAjOKjZGcUUKR1PDYP2vXqif8NUgM01FPjll8q5CLAS%2FGQaRBx4DhYdfb%2BETxbsoFceIX8NpLTvDNf0txkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4fbc5fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/fishing-frenzy/thumb_2.png
104.21.65.132200 OK 65 kB URL GET HTTP/3 afuncan.com/games/fishing-frenzy/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 4dec2fdef9849efbcc3925f5bbd90db5
0eafca13d0787fabea37d503f2d928f5b599c05d
2782934bd555759c91a70f92ee9d3b5f210e18d53f31a2e4b2bc37ce6bd4b4a2
GET /games/fishing-frenzy/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 64560
last-modified: Mon, 10 Apr 2023 03:01:33 GMT
etag: "fc30-5f8f297a47629"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceHtb2TWR8nxP%2BkmbfSx6Z5%2F5jy8mFt2NCIdJbNC%2F5rJxZ5Ew0rIdGYGz%2BHUC%2BmDC5B6ZvHqtCGtzQcITDngQVmxP66i22IBFOlpjy5rsNKVrf7cw2YphSuvh4m9Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4fbc7fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/casino-cards-memory/thumb_2.png
104.21.65.132200 OK 83 kB URL GET HTTP/3 afuncan.com/games/casino-cards-memory/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash f8e835f0a320b976e5f6c957a33917cd
08cd4c80b4182d9727357dacce53191f71aa6c88
58f01aed79f3948285e83e6605358684168397fe12856d9853cd45427b909a1f
GET /games/casino-cards-memory/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 83070
last-modified: Mon, 10 Apr 2023 02:49:53 GMT
etag: "1447e-5f8f26df2ec91"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGim%2FSgd4T86V6cKsYfTeOvghhILus%2Bm3YgCRbEfEjnJl%2BFCItE%2BwqtERSCXhr7QTx8lGUq8Pm1KDOm3ZRkvdp7ccu2uRz%2BHdWbnvsxS3SzIkOKqN%2Bu%2BWViSmmn3rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4fbc4fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/games/fruit-slasher/thumb_2.png
104.21.65.132200 OK 123 kB URL GET HTTP/3 afuncan.com/games/fruit-slasher/thumb_2.png
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 123 kB (123209 bytes)
Hash 1f5617ecf9c811bca25c2302ad26e67f
5d626d95f680ff192a1c92f901701fbd6f17b833
137b62805330088f3ecd8c292ab1e7c8b2463e7fe9476419dbcedda631fcb5f2
GET /games/fruit-slasher/thumb_2.png HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: image/png
content-length: 123209
last-modified: Mon, 10 Apr 2023 02:32:47 GMT
etag: "1e149-5f8f230c2b1de"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEPwJa4yIgY8ZEx1YSzwcwY%2BWrGYy7WoBNUWtT8BQHagQAJF14GW0i9D25F3XoJT0rACWWqvrbJh1FhsNj%2B43s8XLfsEdbiKpTMRYN3GSkmtWhrNeNOI2vKGLwS4bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a4fbc6fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash e230bd19edbe270b64c2712bb2f9dbb5
d932899fff8b45dfec130d2732208a2d6a4e4a34
8ef123771795f843f243914eea0869a2c08fa20e20032644597b637fae48a08f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash e230bd19edbe270b64c2712bb2f9dbb5
d932899fff8b45dfec130d2732208a2d6a4e4a34
8ef123771795f843f243914eea0869a2c08fa20e20032644597b637fae48a08f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 572462dd4adbe106835908e03722b18a
bdaaf6113bb8fb7e7cecea35e3ea71f85c02ee9c
d45c2bcf7a56f321862b87e349c745f2982dde920c26449c5c4ac10d800702c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.lifestyleasia.com/wp-content/uploads/sites/7/2022/01/31141913/Screen-Shot-2022-01-31-at-2.18.53-PM.png?tr=w-1200,h-900
143.204.55.23200 OK 89 kB URL GET HTTP/2 images.lifestyleasia.com/wp-content/uploads/sites/7/2022/01/31141913/Screen-Shot-2022-01-31-at-2.18.53-PM.png?tr=w-1200,h-900
IP 143.204.55.23:443
Certificate IssuerLet's Encrypt
Subjectik.imagekit.io
Fingerprint6E:9A:81:BD:76:51:AF:0C:1D:AB:BA:02:4C:C4:67:49:96:53:71:52
ValidityFri, 12 May 2023 06:22:54 GMT - Thu, 10 Aug 2023 06:22:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x900, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 721c1d57268db33a2a76cd1fd9a8a1ef
8c33fba12567a1c64960a68ac34ee9e90645284c
a644acdc5839d527c69311387a846924fe75f55a5656b20d9c0ff7b087261328
GET /wp-content/uploads/sites/7/2022/01/31141913/Screen-Shot-2022-01-31-at-2.18.53-PM.png?tr=w-1200,h-900 HTTP/1.1
Host: images.lifestyleasia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 89298
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: *
timing-allow-origin: *
x-server: ImageKit.io
x-request-id: cb87c0b1-c725-46c3-a6e5-badf9c8417cb
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
etag: "721c1d57268db33a2a76cd1fd9a8a1ef"
last-modified: Tue, 04 Apr 2023 03:09:47 GMT
date: Thu, 18 May 2023 00:08:10 GMT
vary: Accept
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VzxhRVLMOEMxsb9mJEdm1vxp2aeWlz7-w3y9KEZlbTxtHEVhzehC6g==
age: 245491
X-Firefox-Spdy: h2
cdn.shanghaitang.com/assets/landing/21712_1585124020-mobile/zodiac-year-chart.png
104.26.3.86200 OK 962 kB URL GET HTTP/2 cdn.shanghaitang.com/assets/landing/21712_1585124020-mobile/zodiac-year-chart.png
IP 104.26.3.86:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:C9:B2:59:4D:0C:21:14:7D:00:56:B9:BA:91:56:18:54:0B:AF:D3
ValiditySat, 19 Nov 2022 00:00:00 GMT - Sun, 19 Nov 2023 23:59:59 GMT
File type PNG image data, 1238 x 1560, 8-bit/color RGBA, non-interlaced\012- data
Size 962 kB (961581 bytes)
Hash e1f9571c93bc639d45f7dab42e483369
419990ced6781c6f7e2e3e4b3b747d0008e69a5e
458c5c30a2e753367cdc4f941d254d090f05eb6b00e0df439339910c674e4d1c
GET /assets/landing/21712_1585124020-mobile/zodiac-year-chart.png HTTP/1.1
Host: cdn.shanghaitang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:41 GMT
content-type: image/png
content-length: 961581
cf-ray: 7ca746a59cc81c12-OSL
accept-ranges: bytes
cache-control: max-age=2592000
last-modified: Wed, 25 Mar 2020 08:13:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9q0nXF7BbJVh%2BNZRCzztEu4E5McIvjo7N%2Bj3wMdWrqNsE8zeJjywVXDluljMI43CsimZl97wIl8l3d4fZnNVrfeQfa9AeTwHlB0haKuy7RH1NoXDgw5pEES36vTswloIsaADx%2Fk"}],"group":"cf-nel","max_age":604800}
x-amz-cf-id: sYyoiqw4nDIfEJ8ksmCx0LOjMq47OpURa1QZ0Uxg_FYqZ1MI_FJh2A==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
server: cloudflare
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-JPJFVSE5RF
142.250.74.72200 OK 85 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-JPJFVSE5RF
IP 142.250.74.72:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (4509)
Hash e9c1554f02dc7e0bac5db0dbe09e44fe
ae690624991a8bd3db4a6781facaaa5a134ca602
448902391c1416c57be09c6cdd4bf7a6a3beb463dade2773a44de7e656ebc107
GET /gtag/js?id=G-JPJFVSE5RF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 May 2023 20:19:41 GMT
expires: Sat, 20 May 2023 20:19:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hips.hearstapps.com/hmg-prod/images/chinese-new-year-zodiac-signs-papercut-icons-royalty-free-illustration-1609879067.?crop=0.755xw:1.00xh;0.125xw,0&resize=1200:*
151.101.0.155200 OK 136 kB URL GET HTTP/2 hips.hearstapps.com/hmg-prod/images/chinese-new-year-zodiac-signs-papercut-icons-royalty-free-illustration-1609879067.?crop=0.755xw:1.00xh;0.125xw,0&resize=1200:*
IP 151.101.0.155:443
Certificate IssuerGlobalSign nv-sa
Subjectcosmopolitan.com
FingerprintAB:95:76:1A:04:E1:DA:2A:66:64:74:4D:58:FC:11:57:04:3D:42:C6
ValidityThu, 04 May 2023 14:26:12 GMT - Tue, 04 Jun 2024 14:26:11 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x1192, components 3\012- data
Size 136 kB (136249 bytes)
Hash 6a43dc837b539cd2b7f566fb29c944f3
adb01d176d9fa8ab1a58a155cd8ab07441118416
39f957b92e7c8f4939a7768b270e9810b10986deef6253e908bb521a8c2ff715
GET /hmg-prod/images/chinese-new-year-zodiac-signs-papercut-icons-royalty-free-illustration-1609879067.?crop=0.755xw:1.00xh;0.125xw,0&resize=1200:* HTTP/1.1
Host: hips.hearstapps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=31536000, stale-while-revalidate=604800
content-type: image/jpeg
x-animated: 0
x-canonical-ops: crop=4152:4125;688,0&resize=1200:1192
x-image-dimensions: 1200:1192
x-source-image-dimensions: 5500:4125
access-control-allow-origin: *
x-robots-tag: all
accept-ranges: bytes
date: Sat, 20 May 2023 20:19:41 GMT
age: 581587
x-cache: HIT, HIT
timing-allow-origin: *
content-length: 136249
X-Firefox-Spdy: h2
m.media-amazon.com/images/W/IMAGERENDERING_521856-T1/images/I/51TouB177tL._AC_.jpg
54.230.82.142200 OK 52 kB URL GET HTTP/2 m.media-amazon.com/images/W/IMAGERENDERING_521856-T1/images/I/51TouB177tL._AC_.jpg
IP 54.230.82.142:443
Certificate IssuerDigiCert Inc
Subjectimages-na.ssl-images-amazon.com
FingerprintD7:75:29:92:F1:73:91:E8:5E:C1:20:51:9B:9B:6F:9F:8B:6D:CB:CD
ValidityWed, 26 Oct 2022 00:00:00 GMT - Sat, 14 Oct 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x357, components 3\012- data
Hash 647b04deb84bd0f7246d26ec1d54c5ba
693de82413e2b2c643f6fc62ad18e9ffa6e2d933
f6a9cbf8b4e754898a4a94ce7bf656b79195af8be45c3ae6b134da208af17830
GET /images/W/IMAGERENDERING_521856-T1/images/I/51TouB177tL._AC_.jpg HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 51524
server: Server
date: Fri, 19 May 2023 12:38:51 GMT
x-amz-ir-id: 7e50f063-f137-4408-bbb8-439e23413d00
cache-control: max-age=630720000,public
last-modified: Sun, 06 Dec 2020 18:13:48 GMT
access-control-allow-origin: *
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
edge-cache-tag: x-cache-767,/images/W/IMAGERENDERING_521856-T1/images/I/51TouB177tL
expires: Thu, 14 May 2043 12:38:51 GMT
surrogate-key: x-cache-767 /images/W/IMAGERENDERING_521856-T1/images/I/51TouB177tL
x-nginx-cache-status: MISS
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kNLh-73KJDfW62RDJ5T2mHeMKlUDH2EQ-pu13R8hMP86dAQAz5t34w==
age: 114050
X-Firefox-Spdy: h2
t4.ftcdn.net/jpg/03/09/00/91/360_F_309009162_BDAvILBr47F4zn4xjiY8xecNKI0Y9GlA.jpg
151.101.65.167200 OK 98 kB URL GET HTTP/2 t4.ftcdn.net/jpg/03/09/00/91/360_F_309009162_BDAvILBr47F4zn4xjiY8xecNKI0Y9GlA.jpg
IP 151.101.65.167:443
Certificate IssuerGlobalSign nv-sa
Subject*.ftcdn.net
Fingerprint4C:4A:24:85:4A:0C:BF:9D:E4:97:C8:C3:7B:C9:65:E8:47:1A:BC:33
ValiditySat, 19 Nov 2022 22:55:03 GMT - Thu, 21 Dec 2023 22:55:02 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 736x360, components 3\012- data
Hash 0a764509e1f2bb976c6578df1849005b
390da8a136a067de573caf77766bcc310464948f
4665f09552904b4b56f238c22f59cb4cb2b023937ebfb7f6b54079c254931502
GET /jpg/03/09/00/91/360_F_309009162_BDAvILBr47F4zn4xjiY8xecNKI0Y9GlA.jpg HTTP/1.1
Host: t4.ftcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 20 Jan 2020 08:59:30 GMT
etag: "0a764509e1f2bb976c6578df1849005b"
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 20 May 2023 20:19:41 GMT
age: 59421
x-served-by: cache-lhr7329-LHR, cache-bma1654-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
strict-transport-security: max-age=31536000
content-length: 98253
X-Firefox-Spdy: h2
thumbs.dreamstime.com/z/twelve-cute-cartoon-animals-chinese-zodiac-twelve-astrological-signs-asian-zodiac-set-chinese-animals-names-isolated-231457526.jpg
192.229.233.122200 OK 139 kB URL GET HTTP/2 thumbs.dreamstime.com/z/twelve-cute-cartoon-animals-chinese-zodiac-twelve-astrological-signs-asian-zodiac-set-chinese-animals-names-isolated-231457526.jpg
IP 192.229.233.122:443
Certificate IssuerDigiCert Inc
Subject*.dreamstime.com
Fingerprint6B:50:D5:54:D2:E6:CF:BF:4E:71:D1:B4:9D:8E:7E:3F:9D:A0:4F:29
ValidityMon, 18 Jul 2022 00:00:00 GMT - Fri, 18 Aug 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, copyright=Mariaskrigan | Dreamstime.com], progressive, precision 8, 1600x1690, components 3\012- data
Size 139 kB (138555 bytes)
Hash dab82424dd6d99cb3eb7cb10be50819b
e3ca848b97e9afe1ddf866715fb710b728edd3ae
e199e7a4257cd806527bc6623b7567ce9aa765def79911ab36f5552b5aeb0904
GET /z/twelve-cute-cartoon-animals-chinese-zodiac-twelve-astrological-signs-asian-zodiac-set-chinese-animals-names-isolated-231457526.jpg HTTP/1.1
Host: thumbs.dreamstime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 18011435
cache-control: max-age=31536000
content-type: image/jpeg
date: Sat, 20 May 2023 20:19:41 GMT
etag: "1672418355"
expires: Sun, 19 May 2024 20:19:41 GMT
last-modified: Wed, 06 Oct 2021 12:34:17 GMT
server: ECS (ska/F709)
x-cache: HIT
content-length: 138555
X-Firefox-Spdy: h2
cf.ltkcdn.net/horoscopes/images/orig/242980-1600x1066-Chinese-astrological-horoscope-wheel.jpg
54.230.111.33200 OK 559 kB URL GET HTTP/1.1 cf.ltkcdn.net/horoscopes/images/orig/242980-1600x1066-Chinese-astrological-horoscope-wheel.jpg
IP 54.230.111.33:443
Certificate IssuerAmazon
Subjectcf.ltkcdn.net
Fingerprint4C:BE:62:9B:93:28:B5:AE:EC:CD:70:C2:57:7F:39:2F:3A:73:19:FA
ValidityTue, 28 Feb 2023 00:00:00 GMT - Thu, 15 Feb 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x1066, components 3\012- data
Size 559 kB (559204 bytes)
Hash 6c1a1b33a7d9b21cf65d665dc853a620
ec85c5c8e3ac83a93ac501d12ca7f77c16f12990
3b1db0f535a6dbe6b8160c129e4c9c8384979c7c3d96cbcf64902410b0b2a4dc
GET /horoscopes/images/orig/242980-1600x1066-Chinese-astrological-horoscope-wheel.jpg HTTP/1.1
Host: cf.ltkcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 559204
Connection: keep-alive
Date: Mon, 01 May 2023 18:34:50 GMT
Last-Modified: Sat, 16 Feb 2019 18:49:16 GMT
ETag: "6c1a1b33a7d9b21cf65d665dc853a620"
Cache-Control: public, max-age=31536000
Expires: Tue, 13 Feb 2029 10:49:15 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 12yYAYN-gzQJOYLSqqz6q0tYzCi1a_gk-ye-6hLkJ5Edt4qr6QdVrw==
Age: 1647892
i0.wp.com/astrologyking.com/wp-content/uploads/china-horoscope.gif?ssl=1
192.0.77.2200 OK 21 kB URL GET HTTP/2 i0.wp.com/astrologyking.com/wp-content/uploads/china-horoscope.gif?ssl=1
IP 192.0.77.2:443
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash bf62ba5690b186598a1acbae41f5c9b6
d48ef492a2a280349f2a4d2d712083207c4ee6f8
252ebbdd5f61e31aef247980cebe070c1ba9de7267fb805473248783f4769ec3
GET /astrologyking.com/wp-content/uploads/china-horoscope.gif?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 20 May 2023 20:19:41 GMT
content-type: image/webp
content-length: 20554
last-modified: Tue, 16 May 2023 13:49:41 GMT
expires: Fri, 16 May 2025 01:49:41 GMT
cache-control: public, max-age=63115200
link: <https://astrologyking.com/wp-content/uploads/china-horoscope.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "8ffe2607d45afcf6"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
q4k4k5i2.rocketcdn.me/wp-content/uploads/2022/02/chinese-zodiac-signs-1.jpg
151.139.128.10200 OK 74 kB URL GET HTTP/2 q4k4k5i2.rocketcdn.me/wp-content/uploads/2022/02/chinese-zodiac-signs-1.jpg
IP 151.139.128.10:443
Certificate IssuerLet's Encrypt
Subject*.rocketcdn.me
Fingerprint86:E4:D9:BC:AE:7C:48:16:D5:D5:C7:0F:C5:91:CD:71:0F:F8:42:BF
ValidityTue, 02 May 2023 05:54:17 GMT - Mon, 31 Jul 2023 05:54:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x600, components 3\012- data
Hash fae0723e81767f655a475d2294f8b982
1ceea4c9121fb63c4786bd22df7814f597aec310
e8e724a2a28d77d97c027e9fff0c280a1fee9e56b4b2821dff112ab252015ea7
GET /wp-content/uploads/2022/02/chinese-zodiac-signs-1.jpg HTTP/1.1
Host: q4k4k5i2.rocketcdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:41 GMT
content-length: 73927
content-type: image/jpeg
last-modified: Sun, 20 Feb 2022 22:46:51 GMT
accept-ranges: bytes
etag: "6212c4db-120c7"
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPpYMMKZSRFVUXHBvkDyKCTmdkZAQjjqs1Vg3FGV02MMFsFTSAVevAk44afw79hsKnWvErzBBG2hJz7W9Htf2USn0htevlojJQlcAQ9eItcr7hdIZbKKXKweaovui7clEE2EjGGBySALddEcJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 781c86fd4c4fb809-RIX
x-hw: 1684613981.cds262.sk1.hn,1684613981.cds232.sk1.c
vary: Accept-Encoding
x-powered-by: RocketCDN
link: <https://womensbusinessdaily.com/wp-content/uploads/2022/02/chinese-zodiac-signs-1.jpg>; rel="canonical"
X-Firefox-Spdy: h2
ltl-cin.com/wp-content/sites/6/chinese-zodiacs-799x800.jpg
104.21.74.139200 OK 100 kB URL GET HTTP/2 ltl-cin.com/wp-content/sites/6/chinese-zodiacs-799x800.jpg
IP 104.21.74.139:443
Certificate IssuerGoogle Trust Services LLC
Subject*.ltl-cin.com
Fingerprint4D:0E:E0:C7:83:6D:19:6F:6B:84:C3:DB:DD:B2:BA:26:84:6E:67:AF
ValiditySun, 26 Mar 2023 06:33:41 GMT - Sat, 24 Jun 2023 06:33:40 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 799x800, components 3\012- data
Hash 49a8179fbfca288cac8d2a771c3c8f5a
8e6d157f381680a720b2cde7317821d576f32a04
3918e23e31df2165fe75125053dbde2f3ad46251b8856231e085afddbef30b2d
GET /wp-content/sites/6/chinese-zodiacs-799x800.jpg HTTP/1.1
Host: ltl-cin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:41 GMT
content-type: image/jpeg
content-length: 99608
last-modified: Mon, 01 Mar 2021 07:20:09 GMT
etag: "18518-5bc7472a80dab"
cache-control: public, max-age=31536000
expires: Sun, 19 May 2024 20:19:41 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.3.2
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQAUzge%2FRH34ahw3%2FYuhNywRq0vAUnPsXYf464IoaAnsv9CbbEnzH94fsRh3bY9VMOMbGNQkCx%2FhgmRyr3gEFLN%2B1RE%2BdWAHMhQtWSSRL1nVyXgWkI1CTLiUlKkOYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a86de1b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.images.express.co.uk/img/dynamic/130/590x/12-Chinese-zodiac-signs-1551316.jpg
54.230.111.111200 OK 48 kB URL GET HTTP/2 cdn.images.express.co.uk/img/dynamic/130/590x/12-Chinese-zodiac-signs-1551316.jpg
IP 54.230.111.111:443
Certificate IssuerAmazon
Subjectcdn.images.express.co.uk
Fingerprint6B:79:2D:12:D1:0F:FB:02:4C:6B:77:89:BE:B5:AD:46:30:2C:A5:05
ValidityTue, 21 Feb 2023 00:00:00 GMT - Sat, 14 Oct 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 590x350, components 3\012- data
Hash 5075530415e7d343122a4ac9d8f03eb5
5c5fcd86c7e5b21afab10edaec86b1abe414e2d1
a2db4b142667b524563c31bcd458f2a7d9373fe1211fb27989c548d0b2636a33
GET /img/dynamic/130/590x/12-Chinese-zodiac-signs-1551316.jpg HTTP/1.1
Host: cdn.images.express.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 47826
date: Sat, 20 May 2023 20:19:42 GMT
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, POST
access-control-expose-headers: Access-Control-Allow-Origin
last-modified: Mon, 17 Jan 2022 13:46:18 GMT
etag: "5075530415e7d343122a4ac9d8f03eb5"
cache-control: public,max-age=300
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wD_i1uL0HeqC6li9iSPgKGdrPmRn3Uh-ELGOKJDFe_yp8fvCSsGCAg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash e230bd19edbe270b64c2712bb2f9dbb5
d932899fff8b45dfec130d2732208a2d6a4e4a34
8ef123771795f843f243914eea0869a2c08fa20e20032644597b637fae48a08f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.saymedia-content.com/.image/t_share/MTc0MjA0NjQ1ODE0NTc2NjM2/chinese-astrology-determining-your-month-day-and-hour-animal.png
151.101.193.169200 OK 301 kB URL GET HTTP/2 images.saymedia-content.com/.image/t_share/MTc0MjA0NjQ1ODE0NTc2NjM2/chinese-astrology-determining-your-month-day-and-hour-animal.png
IP 151.101.193.169:443
Certificate IssuerGlobalSign nv-sa
Subject*.saymedia-content.com
Fingerprint7F:5F:1D:8A:5C:01:87:46:57:95:E1:D1:3F:A8:D9:4D:97:96:A1:F6
ValidityTue, 15 Nov 2022 23:42:02 GMT - Sun, 17 Dec 2023 23:42:01 GMT
File type PNG image data, 1200 x 750, 8-bit/color RGB, non-interlaced\012- data
Size 301 kB (300808 bytes)
Hash 7b93de9516a61fccfea70409c908d82e
c13995254ffca7e10b94fe4b7e82cf11696d86bd
7f928e5226887b67c304d62c6cca4729a6098e9f86b719764122342ac4338c70
GET /.image/t_share/MTc0MjA0NjQ1ODE0NTc2NjM2/chinese-astrology-determining-your-month-day-and-hour-animal.png HTTP/1.1
Host: images.saymedia-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-tag: 620024778223258578444238224870611716713,458508228138032562694674978554344320573,6ad8536215968eb1f3494143392c77bf
content-type: image/png
etag: "7b93de9516a61fccfea70409c908d82e"
last-modified: Tue, 22 Sep 2020 22:24:37 GMT
cache-control: public, max-age=31557597
access-control-expose-headers: Content-Disposition,Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag
access-control-allow-origin: *
timing-allow-origin: *
server: Cloudinary
via: 1.1 varnish, 1.1 varnish
x-saycdn-ttl: 30571409.000
x-say-cacheable: YES
x-say-ttl: 31536000.000
accept-ranges: bytes
date: Sat, 20 May 2023 20:19:41 GMT
age: 2293595
x-served-by: cache-iad-kiad7000091-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 159, 1
x-timer: S1684613982.521816,VS0,VE2
vary: Accept-Encoding
server-timing: time-start-msec;dur=1684613981522,time-elapsed;dur=2,fastly-pop;desc=BMA,hit-state;desc=HIT-CLUSTER
content-length: 300808
X-Firefox-Spdy: h2
thewoksoflife.com/wp-content/uploads/2020/01/chinese_zodiac_placemat.jpg
104.26.13.200200 OK 95 kB URL GET HTTP/2 thewoksoflife.com/wp-content/uploads/2020/01/chinese_zodiac_placemat.jpg
IP 104.26.13.200:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint54:3E:8F:C6:98:4B:3F:BC:02:64:75:04:16:6C:66:62:1D:1B:F1:3C
ValidityMon, 08 May 2023 00:00:00 GMT - Tue, 07 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 658x438, components 3\012- data
Hash c4dafaaf79c2c9e26e37f3f4bccabd82
1180fff192626efed9ea402af8db2d711c1c9a8b
c29d7f915e8bd2f0fef32030cdf63d1a0d13ef644947900bbc647dd92a5e6178
GET /wp-content/uploads/2020/01/chinese_zodiac_placemat.jpg HTTP/1.1
Host: thewoksoflife.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:41 GMT
content-type: image/jpeg
content-length: 94669
last-modified: Tue, 06 Oct 2020 22:31:22 GMT
vary: Accept-Encoding
etag: "5f7cf03a-171cd"
x-powered-by: centminmod
x-hosted-by: BigScoots
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsQsmXQl1dqhDStuRBOJ37raOHrRjG0gzc4wJmJW1yZp6xwTwmabDQtwo5%2Ba1YYZVahlk2k18I%2BRmXROR7iHJCM6MVaqixadTn%2FhhINEB6NV327o%2FtYnk2cbL7E6r8EAgPXm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a50818b4f7-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 572462dd4adbe106835908e03722b18a
bdaaf6113bb8fb7e7cecea35e3ea71f85c02ee9c
d45c2bcf7a56f321862b87e349c745f2982dde920c26449c5c4ac10d800702c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.thespruce.com/thmb/C9lamfPURsfUYrXCm7EImvzprcU=/1500x0/filters:no_upscale():max_bytes(150000):strip_icc()/chinese-zodiac-signs-and-month-of-the-year-1275139_FINAL-new-logo-f466da1b4b1c400db5e1fa8fd4ea7753.png
151.101.66.137200 OK 589 kB URL GET HTTP/2 www.thespruce.com/thmb/C9lamfPURsfUYrXCm7EImvzprcU=/1500x0/filters:no_upscale():max_bytes(150000):strip_icc()/chinese-zodiac-signs-and-month-of-the-year-1275139_FINAL-new-logo-f466da1b4b1c400db5e1fa8fd4ea7753.png
IP 151.101.66.137:443
Certificate IssuerLet's Encrypt
Subject*.thespruce.com
Fingerprint95:9B:AE:3C:1D:9B:0D:EB:C5:1E:7F:5C:1A:56:F8:65:BE:11:1D:ED
ValidityFri, 28 Apr 2023 11:09:49 GMT - Thu, 27 Jul 2023 11:09:48 GMT
File type PNG image data, 1500 x 1000, 8-bit colormap, non-interlaced\012- data
Size 589 kB (589425 bytes)
Hash 2f79c53f7e6faa52e430a2459a7297ec
cc7e910bec985d40e79533cdabf61e6dd02fbabe
aea4664b2a1bdbe0a8ee76338854f773b6b8681010bc7d570ff358cc23e950ba
GET /thmb/C9lamfPURsfUYrXCm7EImvzprcU=/1500x0/filters:no_upscale():max_bytes(150000):strip_icc()/chinese-zodiac-signs-and-month-of-the-year-1275139_FINAL-new-logo-f466da1b4b1c400db5e1fa8fd4ea7753.png HTTP/1.1
Host: www.thespruce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 18 Oct 2022 17:25:46 GMT
etag: "2f79c53f7e6faa52e430a2459a7297ec"
content-type: image/png
server: AmazonS3
cache-control: max-age=31536000,public,no-transform
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/557/re.p"}]}
accept-ranges: bytes
date: Sat, 20 May 2023 20:19:41 GMT
age: 2223446
x-robots-tag: noai, noimageai
x-served-by: cache-iad-kcgs7200051-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 64, 1
content-length: 589425
X-Firefox-Spdy: h2
www.wikihow.com/images/thumb/5/5b/Read-Your-Chinese-Horoscope-Step-1-Version-3.jpg/v4-460px-Read-Your-Chinese-Horoscope-Step-1-Version-3.jpg.webp
151.101.129.91200 OK 50 kB URL GET HTTP/2 www.wikihow.com/images/thumb/5/5b/Read-Your-Chinese-Horoscope-Step-1-Version-3.jpg/v4-460px-Read-Your-Chinese-Horoscope-Step-1-Version-3.jpg.webp
IP 151.101.129.91:443
Certificate IssuerGlobalSign nv-sa
Subject*.wikihow.com
Fingerprint06:DA:AF:62:5E:59:EC:1E:58:AE:E6:CB:95:A1:C5:25:8E:58:72:9E
ValidityFri, 14 Apr 2023 16:47:58 GMT - Wed, 15 May 2024 16:47:57 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 460x345, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 35a6aa70755a0805768d213cee473cd9
e1e587e8496248d4564a145f0796bfcfcb1a69e7
22c840398d83a6f012b148f4da1c42e43ace89a5b50a2326e129a21a57609d91
GET /images/thumb/5/5b/Read-Your-Chinese-Horoscope-Step-1-Version-3.jpg/v4-460px-Read-Your-Chinese-Horoscope-Step-1-Version-3.jpg.webp HTTP/1.1
Host: www.wikihow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 04 May 2017 16:31:15 GMT
etag: "35a6aa70755a0805768d213cee473cd9"
x-amz-cf-pop: ARN1-C1
cache-control: max-age=31536000
expires: Mon, 06 May 2024 02:02:18 GMT
accept-ranges: bytes
date: Sat, 20 May 2023 20:19:41 GMT
age: 1189043
x-c: cache-bma1650-BMA,H,1189043
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49734
X-Firefox-Spdy: h2
www.wikihow.com/images/thumb/8/85/Read-Your-Chinese-Horoscope-Step-4-Version-2.jpg/v4-460px-Read-Your-Chinese-Horoscope-Step-4-Version-2.jpg.webp
151.101.129.91200 OK 40 kB URL GET HTTP/2 www.wikihow.com/images/thumb/8/85/Read-Your-Chinese-Horoscope-Step-4-Version-2.jpg/v4-460px-Read-Your-Chinese-Horoscope-Step-4-Version-2.jpg.webp
IP 151.101.129.91:443
Certificate IssuerGlobalSign nv-sa
Subject*.wikihow.com
Fingerprint06:DA:AF:62:5E:59:EC:1E:58:AE:E6:CB:95:A1:C5:25:8E:58:72:9E
ValidityFri, 14 Apr 2023 16:47:58 GMT - Wed, 15 May 2024 16:47:57 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 460x345, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eda372ef6faef80fcbcaa5cd067eb586
a8987c906e6f41c3242a057c9dfc3645fd499ae5
e03848db0c28ec5571528b8a8b2500a3f6da941a382370e503d49c6ce93f1209
GET /images/thumb/8/85/Read-Your-Chinese-Horoscope-Step-4-Version-2.jpg/v4-460px-Read-Your-Chinese-Horoscope-Step-4-Version-2.jpg.webp HTTP/1.1
Host: www.wikihow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 04 May 2017 16:35:10 GMT
etag: "eda372ef6faef80fcbcaa5cd067eb586"
x-amz-cf-pop: ARN1-C1
cache-control: max-age=31536000
expires: Thu, 16 May 2024 17:50:01 GMT
accept-ranges: bytes
date: Sat, 20 May 2023 20:19:41 GMT
age: 268180
x-c: cache-bma1650-BMA,H,268180
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39554
X-Firefox-Spdy: h2
status.geotrust.com/
192.229.221.95 471 B IP 192.229.221.95:0
Hash 52c8958664935453be9dc7a7547d732f
cb1e8140c8845236856be8b3352c08191bef9d7d
3e1691420e0f2d5b523f52e18e80759ffa2812a918b93196ae3cd49fd60e930b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6582
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:41 GMT
Etag: "646886b5-1d7"
Expires: Sat, 20 May 2023 22:19:41 GMT
Last-Modified: Sat, 20 May 2023 08:37:09 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
lirp.cdn-website.com/bca06b80/dms3rep/multi/opt/Jadepalace-img1-711x720-640w.jpg
143.204.55.102200 OK 43 kB URL GET HTTP/2 lirp.cdn-website.com/bca06b80/dms3rep/multi/opt/Jadepalace-img1-711x720-640w.jpg
IP 143.204.55.102:443
Certificate IssuerLet's Encrypt
Subjectmultiscreensite.com
Fingerprint55:52:B1:0A:DE:37:E0:29:FD:09:3D:39:2A:9E:5B:51:39:2F:C3:32
ValidityThu, 30 Mar 2023 11:41:55 GMT - Wed, 28 Jun 2023 11:41:54 GMT
File type GIF image data, version 89a, 711 x 720\012- data
Hash 281fd7dc98b76748a5ffb6ba4cfa1e23
7f6399bd56b5310f3fb6ef5eb638ff61d0b08c95
32eac44b081b8c7ad6a9074fc40c034577e1f9bc9d785fffaf8e40d2f9424ea6
GET /bca06b80/dms3rep/multi/opt/Jadepalace-img1-711x720-640w.jpg HTTP/1.1
Host: lirp.cdn-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpg
content-length: 42550
date: Sat, 20 May 2023 20:19:42 GMT
last-modified: Tue, 31 Jan 2023 03:57:11 GMT
x-amz-expiration: expiry-date="Mon, 31 Jul 2023 00:00:00 GMT", rule-id="delete images after 6 months"
etag: "281fd7dc98b76748a5ffb6ba4cfa1e23"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hMT5A-F8hi1u3y7mR309IofSeHDVNmCLqW580FRSclBcvj5za3ge-A==
X-Firefox-Spdy: h2
upload.wikimedia.org/wikipedia/commons/thumb/0/07/Chinese_Zodiac_carvings_on_ceiling_of_Kushida_Shrine,_Fukuoka.jpg/1200px-Chinese_Zodiac_carvings_on_ceiling_of_Kushida_Shrine,_Fukuoka.jpg
91.198.174.208200 OK 398 kB URL GET HTTP/2 upload.wikimedia.org/wikipedia/commons/thumb/0/07/Chinese_Zodiac_carvings_on_ceiling_of_Kushida_Shrine,_Fukuoka.jpg/1200px-Chinese_Zodiac_carvings_on_ceiling_of_Kushida_Shrine,_Fukuoka.jpg
IP 91.198.174.208:443
Certificate IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint91:D4:DD:DD:2F:F9:18:E0:19:07:D8:6B:C7:54:54:F1:1A:8F:2C:DC
ValidityThu, 27 Oct 2022 00:00:00 GMT - Fri, 17 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1200x1200, components 3\012- data
Size 398 kB (397637 bytes)
Hash be30c9d02fe6e9a27c3e986cbf2eb324
5776bda2430f5e58cde63ee9ff044dc969f87947
114531d663466ae3c319ff697b9a34fc20bf91506f57d9a540c6212cd3b816fd
GET /wikipedia/commons/thumb/0/07/Chinese_Zodiac_carvings_on_ceiling_of_Kushida_Shrine,_Fukuoka.jpg/1200px-Chinese_Zodiac_carvings_on_ceiling_of_Kushida_Shrine,_Fukuoka.jpg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:41 GMT
content-type: image/jpeg
content-length: 397637
content-disposition: inline;filename*=UTF-8''Chinese_Zodiac_carvings_on_ceiling_of_Kushida_Shrine%2C_Fukuoka.jpg
last-modified: Fri, 22 Apr 2022 20:02:18 GMT
etag: be30c9d02fe6e9a27c3e986cbf2eb324
server: ATS/9.1.4
age: 0
x-cache: cp3057 hit, cp3065 miss
x-cache-status: hit-local
server-timing: cache;desc="hit-local", host;desc="cp3065"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 09f135fa74d25ff0e94a2a497312a05c
d422e86ff1323b3d82a95da078a5a108d71d753e
5b27db5bb8b0ccd312e87ca4f832e6cc17d1218c5631485f77f1592a6780e748
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 20 May 2023 20:19:42 GMT
Last-Modified: Sat, 20 May 2023 19:13:46 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9QguFp-3uPzGgqkiWUs3toFC2pygeR69SWEXppDekPDRx5Hv-k1QSQ==
Age: 3957
vtwp-media.s3-accelerate.amazonaws.com/2021/07/zodiac-year-chart-2021-07-05-1640-768x497.jpg
54.230.82.23200 OK 73 kB URL GET HTTP/1.1 vtwp-media.s3-accelerate.amazonaws.com/2021/07/zodiac-year-chart-2021-07-05-1640-768x497.jpg
IP 54.230.82.23:443
Certificate IssuerAmazon
Subject*.s3-accelerate.amazonaws.com
FingerprintD6:66:C4:2C:E2:F4:BA:6B:F4:D7:1D:FA:D0:5B:DA:B7:0E:3F:E5:00
ValidityThu, 16 Mar 2023 00:00:00 GMT - Thu, 11 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x497, components 3\012- data
Hash fa2a7a9b6cc9a03e324e9585013e036f
062b10cd3111ef866d6eebace99803c3581fb723
7677525f8a995a93699f1a3d039b7b870a9dd10c06550150d86393c1c203d75c
GET /2021/07/zodiac-year-chart-2021-07-05-1640-768x497.jpg HTTP/1.1
Host: vtwp-media.s3-accelerate.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 72922
Connection: keep-alive
x-amz-id-2: sx0ju5ElxmUNZQF1M1Ig80/EtVTBobikiQCzPG4B295JbnjWkpu2PNolqfbnrRE4b9GfgQYnNcQ=
x-amz-request-id: 9ZN1BWDMQWMMP44X
Date: Sat, 20 May 2023 20:19:42 GMT
Last-Modified: Mon, 05 Jul 2021 21:41:23 GMT
ETag: "fa2a7a9b6cc9a03e324e9585013e036f"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OhMlQC2yep2ml3tMZOfAYq368_8FeTBpOBe0WrOo-WdE66r4bWiK3w==
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.25.14200 OK 77 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.25.14:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:42 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 324805
expires: Thu, 09 May 2024 20:19:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnZZdcp5Gwd35CYzWv4JlYbr7WOVw7qG2ciUkNnlKTCwNjtHMQWdXF5fi9NKUEXZALg%2BfLSIE1s5TM6RLySeAi8WOty%2BKgnccFYlBTfHSLzviDHYTmbeDgTiTmgiZ2p75sKwrb1g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ca746abca920b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 7f54a940635d0b719df5cde2b396c48c
f37fedef2f4d81c9c32895b8497fc88e916c8e73
9583c204f7a3dbb101eaf29998e006c6e11adf1a9642ed2e2d1766f6264c8b7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 04:04:41 GMT
expires: Fri, 17 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 231301
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 7f54a940635d0b719df5cde2b396c48c
f37fedef2f4d81c9c32895b8497fc88e916c8e73
9583c204f7a3dbb101eaf29998e006c6e11adf1a9642ed2e2d1766f6264c8b7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogs.transparent.com/chinese/wp-content/uploads/sites/6/2012/01/chinese_zodiac.gif
54.226.207.42200 OK 50 kB URL GET HTTP/2 blogs.transparent.com/chinese/wp-content/uploads/sites/6/2012/01/chinese_zodiac.gif
IP 54.226.207.42:443
Certificate IssuerDigiCert Inc
Subject*.transparent.com
Fingerprint3E:30:A6:1F:13:C1:BF:B7:58:8E:DF:71:08:FB:D2:0B:7E:4E:A7:D4
ValidityMon, 16 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 483 x 314\012- data
Hash eefd2db832e7e3e27f449d572700c26d
888d2f55037c08798616310d1c8da51c41884e2e
e8c6b3bca8f6c5a8fcf438802870c021c7aaa297108ec90ffdaf8705bcc5177e
GET /chinese/wp-content/uploads/sites/6/2012/01/chinese_zodiac.gif HTTP/1.1
Host: blogs.transparent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:42 GMT
content-type: image/gif
content-length: 50264
server: Apache
cache-control: max-age=604800, must-revalidate, proxy-revalidate
last-modified: Wed, 11 Jan 2012 03:12:47 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.chinesefortunecalendar.com/ChineseZodiac/Images/SimpleZodiacChart.png
64.20.40.230200 OK 14 kB URL GET HTTP/2 www.chinesefortunecalendar.com/ChineseZodiac/Images/SimpleZodiacChart.png
IP 64.20.40.230:443
Certificate IssuerLet's Encrypt
Subjectchinesefortunecalendar.com
Fingerprint8D:AD:35:A2:3A:A4:48:B7:80:C9:C4:1D:C7:88:77:EB:97:C8:0F:7D
ValiditySat, 01 Apr 2023 01:23:45 GMT - Fri, 30 Jun 2023 01:23:44 GMT
File type PNG image data, 341 x 190, 8-bit colormap, non-interlaced\012- data
Hash dcac514146a6b3638894fee883c7ff4b
39fed012b16796e6c69723ab9d644cefd2f0fd18
00fbd10d034332263051a3c9ab66354c579269be91e59c1537c4cac967c5773d
GET /ChineseZodiac/Images/SimpleZodiacChart.png HTTP/1.1
Host: www.chinesefortunecalendar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 10 Nov 2021 20:01:54 GMT
accept-ranges: bytes
etag: "161313cf6dd6d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 20 May 2023 20:19:41 GMT
content-length: 13825
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 09:09:22 GMT
expires: Fri, 17 May 2024 09:09:22 GMT
cache-control: public, max-age=31536000
age: 213020
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
slm-assets.secondlife.com/assets/5267662/lightbox/chinese%20astrology%20chart_t.jpg
23.36.76.187200 OK 70 kB URL GET HTTP/2 slm-assets.secondlife.com/assets/5267662/lightbox/chinese%20astrology%20chart_t.jpg
IP 23.36.76.187:443
ASN #20940 Akamai International B.V.
Certificate IssuerDigiCert Inc
Subject*.secondlife.com
Fingerprint19:51:4A:1B:96:5B:D3:4D:DD:6B:9E:44:E6:74:87:5C:9B:01:6E:F4
ValidityFri, 05 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 78x78, segment length 16, baseline, precision 8, 512x512, components 3\012- data
Hash 73f10272c85acb0f75c985298b840863
f7d3eb49cbbeda81e77c985200c0c04bfdbf7610
06b57ce7f8d7d0503f8c786960eb6aa5451eef4d7a55af04a204cdfcf99b1159
GET /assets/5267662/lightbox/chinese%20astrology%20chart_t.jpg HTTP/1.1
Host: slm-assets.secondlife.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sun, 18 Mar 2012 14:02:44 GMT
etag: "73f10272c85acb0f75c985298b840863"
accept-ranges: bytes
content-type: image/x-png
content-length: 70094
cache-control: public, max-age=31536000
date: Sat, 20 May 2023 20:19:41 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2023q2
104.18.21.226 1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2023q2
IP 104.18.21.226:0
Hash 7972e216497fc4cb06d6bee47efe307c
80d06fb4d937b4afbd0b26bcaa4087fa09fbc509
dcdd719e90feb3bdfc90cbe20df2e511c25224c66f211858fb9854499a6453cd
POST /ca/gsatlasr3dvtlsca2023q2 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 20 May 2023 20:19:42 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1D5D27C51349853DEFBC5312B9EC8797DBF813ED"
Expires: Sun, 21 May 2023 07:00:00 GMT
Last-Modified: Sat, 20 May 2023 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2218
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ca746ad4b91fab8-OSL
lirp.cdn-website.com/bca06b80/dms3rep/multi/opt/Jadepalace-img-711x510-640w.jpg
143.204.55.102200 OK 60 kB URL GET HTTP/2 lirp.cdn-website.com/bca06b80/dms3rep/multi/opt/Jadepalace-img-711x510-640w.jpg
IP 143.204.55.102:443
Certificate IssuerLet's Encrypt
Subjectmultiscreensite.com
Fingerprint55:52:B1:0A:DE:37:E0:29:FD:09:3D:39:2A:9E:5B:51:39:2F:C3:32
ValidityThu, 30 Mar 2023 11:41:55 GMT - Wed, 28 Jun 2023 11:41:54 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x459, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e1e2dc803cd0e593df1a51e1ad8404ac
7ca778d921b767a573c810f7a390a401970bed0c
0609f1269a2bbebb093d1c907517dfbe8a6678ce27b8f4b20ebbb28480241a81
GET /bca06b80/dms3rep/multi/opt/Jadepalace-img-711x510-640w.jpg HTTP/1.1
Host: lirp.cdn-website.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 59988
date: Sat, 20 May 2023 20:19:42 GMT
last-modified: Tue, 31 Jan 2023 03:00:06 GMT
x-amz-expiration: expiry-date="Mon, 31 Jul 2023 00:00:00 GMT", rule-id="delete images after 6 months"
etag: "e1e2dc803cd0e593df1a51e1ad8404ac"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sHRbcw-2FVJpIqmHRU_3K2l_r1QSrMwW_heVAhULkMHHYsdwf5zAGQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 7f54a940635d0b719df5cde2b396c48c
f37fedef2f4d81c9c32895b8497fc88e916c8e73
9583c204f7a3dbb101eaf29998e006c6e11adf1a9642ed2e2d1766f6264c8b7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 20:19:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.cn/
47.246.44.205 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a4ffd79bf6daac32adef01d939a5f32e
1cec84cfafe60b1ab6b3f5c066cac32c8cbd1398
b08135137d26c291e8c940e8fc0fffcc8ae44e51ce1ab832f30fc1bf24d967e7
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=7200'
Date: Sat, 20 May 2023 20:19:42 GMT
Ali-Swift-Global-Savetime: 1684613982
Via: cache6.l2de2[5,5,200-0,M], cache6.l2de2[6,0], cache1.se1[26,26,200-0,M], cache1.se1[27,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 20 May 2023 20:19:42 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516846139822127722e
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226 1.4 kB URL ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 120099104a1370357c52a0beaecc9c4c
45320725fe8423c9dacd3a713dc73c1875ba38dc
2a80c7924be563d696d4d175862e40eb64e3e682a367fd11084b2fddb9677545
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 20 May 2023 20:19:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 24 May 2023 19:31:24 GMT
ETag: "45320725fe8423c9dacd3a713dc73c1875ba38dc"
Last-Modified: Sat, 20 May 2023 19:31:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1687
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ca746b09f0ab524-OSL
sdk.51.la/js-sdk-pro.min.js
42.236.73.194200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 42.236.73.194:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 20 May 2023 20:19:42 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 15 May 2023 03:21:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6461a52a-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
fileserver.teachstarter.com/thumbnails/1405524-chinese-zodiac-calendar-us-thumbnail-0-600x400.png
172.66.40.85200 OK 33 kB URL GET HTTP/2 fileserver.teachstarter.com/thumbnails/1405524-chinese-zodiac-calendar-us-thumbnail-0-600x400.png
IP 172.66.40.85:443
Certificate IssuerCloudflare, Inc.
Subjectteachstarter.com
Fingerprint42:01:0C:02:FA:9E:2A:AD:B8:72:47:C1:5E:D6:AD:E0:AD:B4:F8:B7
ValidityThu, 30 Mar 2023 00:00:00 GMT - Fri, 29 Mar 2024 23:59:59 GMT
File type PNG image data, 600 x 314, 8-bit colormap, non-interlaced\012- data
Hash e4eaeb19873509eafc37af630a0fb74e
d403361efc9276aaf7b75e83280614605dc9d037
93d925fa042c62492c98531d9647d7811f1a0369196b3fd3bf41a00df7fa5710
GET /thumbnails/1405524-chinese-zodiac-calendar-us-thumbnail-0-600x400.png HTTP/1.1
Host: fileserver.teachstarter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:43 GMT
content-type: image/png
content-length: 32935
x-guploader-uploadid: ADPycduHDfV76LqlyN0dZg0R8yt4PTsaS9J4Euoor0KboOzJxCDpPpQghXVK5DehAPh5kOcCZn3M2EGlCgEffrVcE6pDbncp6Wns
expires: Sat, 20 May 2023 21:19:42 GMT
cache-control: public, max-age=3600
last-modified: Mon, 12 Dec 2022 20:31:13 GMT
etag: "e4eaeb19873509eafc37af630a0fb74e"
x-goog-generation: 1670877073382326
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32935
x-goog-hash: crc32c=sOJ3Xw==, md5=5OrrGYc1Cer8N69jCg+3Tg==
x-goog-storage-class: STANDARD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746a84f17b505-OSL
X-Firefox-Spdy: h2
plusungratefulinstruction.com/e583a5e1619406c516e455d245e6bc2e/invoke.js
173.233.137.44200 OK 9.8 kB URL GET HTTP/1.1 plusungratefulinstruction.com/e583a5e1619406c516e455d245e6bc2e/invoke.js
IP 173.233.137.44:443
Certificate IssuerLet's Encrypt
Subject*.plusungratefulinstruction.com
FingerprintBD:B4:A8:F0:6C:78:C3:93:A0:84:11:FF:E1:42:52:37:5A:51:06:50
ValidityTue, 04 Apr 2023 06:38:35 GMT - Mon, 03 Jul 2023 06:38:34 GMT
File type exported SGML document, ASCII text, with very long lines (26974), with no line terminators
Hash f07e94af6f93df1da077d8d3d6dc2ddb
4a50d24ac4ba1beecb34d332ea3d3c7c65ce438d
dd7f6d23580f98c4ac7708be8470e142c08b60ccaa7b9b9f5500afb9b929f414
GET /e583a5e1619406c516e455d245e6bc2e/invoke.js HTTP/1.1
Host: plusungratefulinstruction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 214565d44b416e0a71dac14b413f5ee0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 422518fc0b6382b06d858d9938bdc113
e5a4760f40fb039ce7cd9bfa8d4aa2a20eb5c328
e27908633156c7710a4aba75ea0e23b0132e660a0467fd7ee0dc199aa85f6148
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 20 May 2023 20:19:44 GMT
Last-Modified: Sat, 20 May 2023 18:49:56 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F_tIPi3s_yu2QZ40naXv-yBbbtaxy4UqCGjJB1rCgCIrQUMTV4eiyg==
Age: 5389
teethbatchevy.com/a3/39/ee/a339ee563fe11ff56bd0258698d823f9.js
173.233.139.164200 OK 29 kB URL GET HTTP/1.1 teethbatchevy.com/a3/39/ee/a339ee563fe11ff56bd0258698d823f9.js
IP 173.233.139.164:443
Certificate IssuerLet's Encrypt
Subjectteethbatchevy.com
FingerprintE5:AE:86:BC:67:0B:82:56:A6:92:10:1C:58:59:53:F9:F6:FB:7C:33
ValidityWed, 03 May 2023 21:36:47 GMT - Tue, 01 Aug 2023 21:36:46 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash d01aa2c4a870827c35ae56ed937d768a
ab3894e7474900f850576615fdd4b0577d518ebf
82317e722cc39d96f6fa86b6841a1d3145c048b63708b8c11e7c3e4b91ad4fa6
Analyzer Verdict Alert quad9 Sinkholed
GET /a3/39/ee/a339ee563fe11ff56bd0258698d823f9.js HTTP/1.1
Host: teethbatchevy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ffc5dd5ccad6961457aa6172e672d289
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
18.192.155.180200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 93267f641d566006f08291a1665c30a5
bb869ef6dd75c749074941295402ca667f7bdd80
393f6b45b77497b5a062f1fc96c9e5183bee494a4b1a02924fa4206685875193
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://afuncan.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=293e719b-bb2a-4b88-8680-16b2c9df1442:2:1; expires=Tue, 17 May 2033 20:19:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.155.180200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 32c48215d4124c4411539a680736a53f
4f9f2f74894c5b852de66d07b08f04e6cd47d559
1d470f3c4f3ba771ec5cbaa6e36f1ea1b3938056dcfb67c938b4d3090bb89efb
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://afuncan.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; expires=Tue, 17 May 2033 20:19:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
teethbatchevy.com/watch.175490968583.js?key=e583a5e1619406c516e455d245e6bc2e&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=293e719b-bb2a-4b88-8680-16b2c9df1442%3A2%3A1
173.233.139.164307 Temporary Redirect 0 B URL GET HTTP/1.1 teethbatchevy.com/watch.175490968583.js?key=e583a5e1619406c516e455d245e6bc2e&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=293e719b-bb2a-4b88-8680-16b2c9df1442%3A2%3A1
IP 173.233.139.164:443
Certificate IssuerLet's Encrypt
Subjectteethbatchevy.com
FingerprintE5:AE:86:BC:67:0B:82:56:A6:92:10:1C:58:59:53:F9:F6:FB:7C:33
ValidityWed, 03 May 2023 21:36:47 GMT - Tue, 01 Aug 2023 21:36:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.175490968583.js?key=e583a5e1619406c516e455d245e6bc2e&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=293e719b-bb2a-4b88-8680-16b2c9df1442%3A2%3A1 HTTP/1.1
Host: teethbatchevy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://afuncan.com
Access-Control-Allow-Origin: https://afuncan.com
Access-Control-Allow-Credentials: true
Location: https://teethbatchevy.com/watch.175490968583.js?key=e583a5e1619406c516e455d245e6bc2e&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=293e719b-bb2a-4b88-8680-16b2c9df1442%3A2%3A1&shu=d19724364872b05f994df6ea4e44f841fdeabe557be55f78d456c1d83f19a19f324f0aeb0d9c8747b7e43e70746428aa6e974ad5584ea57b80ab322ef90760d9ea101394c45c31c47b57ff4850e2367f96ea60ce3b8b3187440d13267e31f13f&pst=1684614044&rmtc=t
Set-Cookie: u_pl=19201956; expires=Sun, 21 May 2023 20:19:44 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTIwMTk1NiwiayI6ImU1ODNhNWUxNjE5NDA2YzUxNmU0NTVkMjQ1ZTZiYzJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDk1NTg2LCJwaWQiOjY4MTIwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiaWNjbTBmcWlwZiIsImNwa3MiOnsgIjI4IjoiYTMzOWVlNTYzZmUxMWZmNTZiZDAyNTg2OThkODIzZjkifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hZnVuY2FuLmNvbS8ifX0.-moL2nnM2kX011s6FT_dfyLxkiIzqtXqlOjcoQGiB4I; expires=Sat, 20 May 2023 20:20:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1327da14f7d293012c02f43e392093e
Strict-Transport-Security: max-age=0; includeSubdomains
teethbatchevy.com/watch.175490968583.js?key=e583a5e1619406c516e455d245e6bc2e&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=293e719b-bb2a-4b88-8680-16b2c9df1442%3A2%3A1&shu=d19724364872b05f994df6ea4e44f841fdeabe557be55f78d456c1d83f19a19f324f0aeb0d9c8747b7e43e70746428aa6e974ad5584ea57b80ab322ef90760d9ea101394c45c31c47b57ff4850e2367f96ea60ce3b8b3187440d13267e31f13f&pst=1684614044&rmtc=t
173.233.139.164200 OK 2.1 kB URL GET HTTP/1.1 teethbatchevy.com/watch.175490968583.js?key=e583a5e1619406c516e455d245e6bc2e&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=293e719b-bb2a-4b88-8680-16b2c9df1442%3A2%3A1&shu=d19724364872b05f994df6ea4e44f841fdeabe557be55f78d456c1d83f19a19f324f0aeb0d9c8747b7e43e70746428aa6e974ad5584ea57b80ab322ef90760d9ea101394c45c31c47b57ff4850e2367f96ea60ce3b8b3187440d13267e31f13f&pst=1684614044&rmtc=t
IP 173.233.139.164:443
Certificate IssuerLet's Encrypt
Subjectteethbatchevy.com
FingerprintE5:AE:86:BC:67:0B:82:56:A6:92:10:1C:58:59:53:F9:F6:FB:7C:33
ValidityWed, 03 May 2023 21:36:47 GMT - Tue, 01 Aug 2023 21:36:46 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2616)
Hash 0d14a6a3c1ad6b3d2943b00b492e6e6e
e758a88048287639b4f4e6ccf1e87ee87ad32e53
7f1196878fac139324420e21e21b25f221950c7b3079ade0c19c8c5a2ccba970
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.175490968583.js?key=e583a5e1619406c516e455d245e6bc2e&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=293e719b-bb2a-4b88-8680-16b2c9df1442%3A2%3A1&shu=d19724364872b05f994df6ea4e44f841fdeabe557be55f78d456c1d83f19a19f324f0aeb0d9c8747b7e43e70746428aa6e974ad5584ea57b80ab322ef90760d9ea101394c45c31c47b57ff4850e2367f96ea60ce3b8b3187440d13267e31f13f&pst=1684614044&rmtc=t HTTP/1.1
Host: teethbatchevy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
Referer: https://afuncan.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19201956; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTIwMTk1NiwiayI6ImU1ODNhNWUxNjE5NDA2YzUxNmU0NTVkMjQ1ZTZiYzJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDk1NTg2LCJwaWQiOjY4MTIwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiaWNjbTBmcWlwZiIsImNwa3MiOnsgIjI4IjoiYTMzOWVlNTYzZmUxMWZmNTZiZDAyNTg2OThkODIzZjkifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hZnVuY2FuLmNvbS8ifX0.-moL2nnM2kX011s6FT_dfyLxkiIzqtXqlOjcoQGiB4I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://afuncan.com
Access-Control-Allow-Origin: https://afuncan.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=293e719b-bb2a-4b88-8680-16b2c9df1442:2:1; expires=Sat, 27 May 2023 20:19:44 GMT; secure; SameSite=None
iprcd3575edaac7e20a1972ae27c198a2a4e=3569808; expires=Sun, 21 May 2023 00:19:44 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 21 May 2023 20:19:44 GMT; secure; SameSite=None
uncs=1; expires=Sun, 21 May 2023 20:19:44 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sun, 21 May 2023 20:19:44 GMT; secure; SameSite=None
uncs23=1; expires=Sun, 21 May 2023 20:19:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8cd41fc069b20729c28f0cf45a69f58a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
plusungratefulinstruction.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js
173.233.137.44200 OK 9.8 kB URL GET HTTP/1.1 plusungratefulinstruction.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js
IP 173.233.137.44:443
Certificate IssuerLet's Encrypt
Subject*.plusungratefulinstruction.com
FingerprintBD:B4:A8:F0:6C:78:C3:93:A0:84:11:FF:E1:42:52:37:5A:51:06:50
ValidityTue, 04 Apr 2023 06:38:35 GMT - Mon, 03 Jul 2023 06:38:34 GMT
File type exported SGML document, ASCII text, with very long lines (26972), with no line terminators
Hash 13fd981f6c3cf889480b0413ba86b3cb
4b79254619bbbe4bc959a3a4a8e6c35f6278b5c1
4be0a0cc8f7bb93a0b9e665f96f6d7c58645796f5f87a472629a6cda97ae85bf
GET /57ee57c2e047d2075f8b6b3808a144ff/invoke.js HTTP/1.1
Host: plusungratefulinstruction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae6ad939e62881e75a80e52c40991af1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
45.133.44.9200 OK 106 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105910 bytes)
Hash a36b92bb68d9b579458560ba9b94862a
782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6
9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:45 GMT
content-type: image/png
content-length: 105910
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Mon, 22 May 2023 20:19:45 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
excitementoppressive.com/pixel/purst?dl=0&th=0&sc=0&rs=5148&rd=5148&fd=551&bv=22.10.v.10&tmpl=136
192.243.61.227200 OK 0 B URL GET HTTP/1.1 excitementoppressive.com/pixel/purst?dl=0&th=0&sc=0&rs=5148&rd=5148&fd=551&bv=22.10.v.10&tmpl=136
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=5148&rd=5148&fd=551&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:45 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
tideairtight.com/c5/29/f7/c529f7cfa1e1d5fb85c17a239e5fedc4.js
192.243.61.227200 OK 13 kB URL GET HTTP/1.1 tideairtight.com/c5/29/f7/c529f7cfa1e1d5fb85c17a239e5fedc4.js
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjecttideairtight.com
Fingerprint1C:4D:0B:15:D2:E0:CD:05:28:C5:68:19:52:09:71:D6:CD:36:3C:D7
ValidityMon, 01 May 2023 19:33:15 GMT - Sun, 30 Jul 2023 19:33:14 GMT
File type ASCII text, with very long lines (37143), with no line terminators
Hash 2ce0646dd20ea26343e6bc2c2989788d
176cd4738e17a1a8c531ea7fe8f8125432d017c0
da764e08cfc447ea6197616fae64fccddd3a221a5efdb9b6f2cf56b8a8c8c5d3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /c5/29/f7/c529f7cfa1e1d5fb85c17a239e5fedc4.js HTTP/1.1
Host: tideairtight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38e1984a21376857d371df3c870074c5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tideairtight.com/watch.184225974528.js?key=57ee57c2e047d2075f8b6b3808a144ff&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1
192.243.61.227307 Temporary Redirect 0 B URL GET HTTP/1.1 tideairtight.com/watch.184225974528.js?key=57ee57c2e047d2075f8b6b3808a144ff&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjecttideairtight.com
Fingerprint1C:4D:0B:15:D2:E0:CD:05:28:C5:68:19:52:09:71:D6:CD:36:3C:D7
ValidityMon, 01 May 2023 19:33:15 GMT - Sun, 30 Jul 2023 19:33:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.184225974528.js?key=57ee57c2e047d2075f8b6b3808a144ff&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1 HTTP/1.1
Host: tideairtight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://afuncan.com
Access-Control-Allow-Origin: https://afuncan.com
Access-Control-Allow-Credentials: true
Location: https://tideairtight.com/watch.184225974528.js?key=57ee57c2e047d2075f8b6b3808a144ff&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1&shu=106545f2d45277611c9810c96810e298c43edc4bd9ca9afee8030ef0687e923172afe927ac5d4d9a21eb2e5ac44349c20ec2128d63ae801eb6ca9a714a3217720f2c9206a3b26762c363c217c776bb475e8b687c&pst=1684614045&rmtc=t
Set-Cookie: u_pl=19201963; expires=Sun, 21 May 2023 20:19:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTIwMTk2MywiayI6IjU3ZWU1N2MyZTA0N2QyMDc1ZjhiNmIzODA4YTE0NGZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDk1NTg2LCJwaWQiOjY4MTIwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJpOWRxY2ZpcXkiLCJjcGtzIjp7ICIyOSI6ImM1MjlmN2NmYTFlMWQ1ZmI4NWMxN2EyMzllNWZlZGM0In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYWZ1bmNhbi5jb20vIn19.RPFkuKkUnvb7Je8FQRRZp622gAQ7X_U8Rb4visaWkUk; expires=Sat, 20 May 2023 20:20:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 249cde428654777e590958b6c4ee2f2a
Strict-Transport-Security: max-age=0; includeSubdomains
tideairtight.com/watch.184225974528.js?key=57ee57c2e047d2075f8b6b3808a144ff&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1&shu=106545f2d45277611c9810c96810e298c43edc4bd9ca9afee8030ef0687e923172afe927ac5d4d9a21eb2e5ac44349c20ec2128d63ae801eb6ca9a714a3217720f2c9206a3b26762c363c217c776bb475e8b687c&pst=1684614045&rmtc=t
192.243.61.227200 OK 2.1 kB URL GET HTTP/1.1 tideairtight.com/watch.184225974528.js?key=57ee57c2e047d2075f8b6b3808a144ff&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1&shu=106545f2d45277611c9810c96810e298c43edc4bd9ca9afee8030ef0687e923172afe927ac5d4d9a21eb2e5ac44349c20ec2128d63ae801eb6ca9a714a3217720f2c9206a3b26762c363c217c776bb475e8b687c&pst=1684614045&rmtc=t
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjecttideairtight.com
Fingerprint1C:4D:0B:15:D2:E0:CD:05:28:C5:68:19:52:09:71:D6:CD:36:3C:D7
ValidityMon, 01 May 2023 19:33:15 GMT - Sun, 30 Jul 2023 19:33:14 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2631)
Hash 11e31276c24b32843f27fe919c1f9752
a33d863f003d60c75a61a1e8a59fb1051e725301
49aff112fd0272bc4a4c7c109bf11b686d94a08c6605b09d6bf40c7bdadf6207
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.184225974528.js?key=57ee57c2e047d2075f8b6b3808a144ff&kw=%5B%22afuncan%22%2C%22com%22%2C%22play%22%2C%22html5%22%2C%22games%22%5D&refer=https%3A%2F%2Fafuncan.com%2F&tz=0&dev=e&res=12.2079&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1&shu=106545f2d45277611c9810c96810e298c43edc4bd9ca9afee8030ef0687e923172afe927ac5d4d9a21eb2e5ac44349c20ec2128d63ae801eb6ca9a714a3217720f2c9206a3b26762c363c217c776bb475e8b687c&pst=1684614045&rmtc=t HTTP/1.1
Host: tideairtight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
Referer: https://afuncan.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19201963; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTIwMTk2MywiayI6IjU3ZWU1N2MyZTA0N2QyMDc1ZjhiNmIzODA4YTE0NGZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDk1NTg2LCJwaWQiOjY4MTIwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJpOWRxY2ZpcXkiLCJjcGtzIjp7ICIyOSI6ImM1MjlmN2NmYTFlMWQ1ZmI4NWMxN2EyMzllNWZlZGM0In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYWZ1bmNhbi5jb20vIn19.RPFkuKkUnvb7Je8FQRRZp622gAQ7X_U8Rb4visaWkUk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://afuncan.com
Access-Control-Allow-Origin: https://afuncan.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; expires=Sat, 27 May 2023 20:19:45 GMT; secure; SameSite=None
iprc80d7d4e21c7807aac8930dd3bae71ea8=3569806; expires=Sun, 21 May 2023 00:19:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 21 May 2023 20:19:45 GMT; secure; SameSite=None
uncs=1; expires=Sun, 21 May 2023 20:19:45 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 21 May 2023 20:19:45 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 21 May 2023 20:19:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 12d2a8d1052fab97d3b7a2c769d18f58
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9200 OK 144 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:46 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Mon, 22 May 2023 20:19:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.61.225200 OK 0 B URL GET HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.225:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject*.banquetunarmedgrater.com
FingerprintB6:94:DA:E3:84:16:54:0C:6B:00:48:97:8B:AC:17:A6:7D:9D:BE:6B
ValidityMon, 03 Apr 2023 06:06:16 GMT - Sun, 02 Jul 2023 06:06:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:46 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66fa9ea36ae1add8d07bcc45c5638a67
Strict-Transport-Security: max-age=0; includeSubdomains
excitementoppressive.com/sbar.json?key=c529f7cfa1e1d5fb85c17a239e5fedc4&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1
192.243.61.227200 OK 3.1 kB URL GET HTTP/1.1 excitementoppressive.com/sbar.json?key=c529f7cfa1e1d5fb85c17a239e5fedc4&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
File type JSON data\012- , ASCII text, with very long lines (5619), with no line terminators
Hash 30f8b1bca975a3cfd4258050660e6fd0
2cfd05eca5adf17748f254efac147862bc9d9fc7
a7c68fa2b881efaa0b10b99a4a52e32f0cffd301884b08c62e1ad80380707a6d
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=c529f7cfa1e1d5fb85c17a239e5fedc4&uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1 HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:46 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://afuncan.com
Access-Control-Allow-Origin: https://afuncan.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19309494; expires=Sun, 21 May 2023 20:19:46 GMT; secure; SameSite=None
uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; expires=Sat, 27 May 2023 20:19:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 21 May 2023 20:19:46 GMT; secure; SameSite=None
uncs=1; expires=Sun, 21 May 2023 20:19:46 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 21 May 2023 20:19:46 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 21 May 2023 20:19:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 775b0b6d3880be7e3ba6edae5b2dd7d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
afuncan.com/includes/statistics.php
104.21.65.132200 OK 224 kB URL POST HTTP/3 afuncan.com/includes/statistics.php
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
Size 224 kB (223487 bytes)
Hash dc4a468bfc83a2b516e1dfafd86d05d3
f5a63596a9490da2a2a22103320c8dc2b1274ddd
272eccd077168b526075388a6ff9d0b0b821cc3e988c30f3e9c65da554c66837
POST /includes/statistics.php HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 131
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov; _ga_JPJFVSE5RF=GS1.1.1684613981.1.0.1684613981.0.0.0; _ga=GA1.1.2079958386.1684613982; __vtins__JeU8LzNK5S5H4Mzc=%7B%22sid%22%3A%20%22de488725-2740-59e8-b1cc-c99adcd5d0d1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201684615783123%2C%20%22ct%22%3A%201684613983123%7D; __51uvsct__JeU8LzNK5S5H4Mzc=1; __51vcke__JeU8LzNK5S5H4Mzc=abb1115a-519a-5dd7-9aa8-c3a8020ae6c8; __51vuft__JeU8LzNK5S5H4Mzc=1684613983126; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1; ppu_main_a339ee563fe11ff56bd0258698d823f9=1; ppu_idelay_a339ee563fe11ff56bd0258698d823f9=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:45 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRM2GDBfR%2FUFcu7XRLSAAmeQ9FviDSbnS8GllkxAFVde4aOib3ZdYIXXkQxBsxLEer%2FQbs0f2WcFNMDSbWQpqYZ6tC2gtmFAyovEDWMAW%2FAkH2lj0Da51urDVGB3hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746c0fa87fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
i.pinimg.com/originals/d9/cb/24/d9cb24fb510dca3f052c4e9a07e83e36.jpg
151.101.244.84200 OK 20 kB URL GET HTTP/2 i.pinimg.com/originals/d9/cb/24/d9cb24fb510dca3f052c4e9a07e83e36.jpg
IP 151.101.244.84:443
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
FingerprintDD:66:CF:72:EE:07:6C:09:1A:F3:24:71:8C:80:A0:6D:6B:06:D2:58
ValidityThu, 28 Jul 2022 00:00:00 GMT - Tue, 08 Aug 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 226x320, components 3\012- data
Hash 820b6768660eb204082dd989621f6679
ec72973b8dd560b7051cc8bc0bea00eb23c54416
2635cda1c87f6590cfed02bf76203281d3db67edce52cc8d6192a693a59c0187
GET /originals/d9/cb/24/d9cb24fb510dca3f052c4e9a07e83e36.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "820b6768660eb204082dd989621f6679"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
date: Sat, 20 May 2023 20:19:46 GMT
content-length: 19901
X-Firefox-Spdy: h2
i.pinimg.com/736x/47/b6/d0/47b6d03bbc1222a6213c98764e9a8e51--chinese-zodiac-signs-chinese-astrology.jpg
151.101.244.84200 OK 74 kB URL GET HTTP/2 i.pinimg.com/736x/47/b6/d0/47b6d03bbc1222a6213c98764e9a8e51--chinese-zodiac-signs-chinese-astrology.jpg
IP 151.101.244.84:443
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
FingerprintDD:66:CF:72:EE:07:6C:09:1A:F3:24:71:8C:80:A0:6D:6B:06:D2:58
ValidityThu, 28 Jul 2022 00:00:00 GMT - Tue, 08 Aug 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 28fb314d6473714620a439ba2a36c733
e3ecb5eaea2cce287739b50ffff84dcbb5874886
a9d7b63b3f98534133f94ec0ffc8cae679fcc64deaf779d2e99ca92f60ae4023
GET /736x/47/b6/d0/47b6d03bbc1222a6213c98764e9a8e51--chinese-zodiac-signs-chinese-astrology.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "28fb314d6473714620a439ba2a36c733"
expires: Fri, 25 Dec 2037 23:59:59 GMT
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 20 May 2023 20:19:46 GMT
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
content-length: 74372
X-Firefox-Spdy: h2
i.pinimg.com/originals/42/b8/62/42b8625e09280c2790bcac0caa231501.jpg
151.101.244.84200 OK 110 kB URL GET HTTP/2 i.pinimg.com/originals/42/b8/62/42b8625e09280c2790bcac0caa231501.jpg
IP 151.101.244.84:443
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
FingerprintDD:66:CF:72:EE:07:6C:09:1A:F3:24:71:8C:80:A0:6D:6B:06:D2:58
ValidityThu, 28 Jul 2022 00:00:00 GMT - Tue, 08 Aug 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x768, components 3\012- data
Size 110 kB (109716 bytes)
Hash 06d1081942cac29bdf13c3cf6ead8477
dffd3a56ad1e5e6635f10c965562137ce7cbb299
0bc9d06f2fa5900d82a283818ad6a47088ccd9bca6972b5d97bc1653c2302201
GET /originals/42/b8/62/42b8625e09280c2790bcac0caa231501.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "06d1081942cac29bdf13c3cf6ead8477"
cache-control: max-age=31536000, immutable
content-type: image/jpeg
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
date: Sat, 20 May 2023 20:19:46 GMT
content-length: 109716
X-Firefox-Spdy: h2
excitementoppressive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP28c1Rd9k0Qp8qt%2BkAYB0hYogMDrmdlZ7y4pUEIwijBxSEDQofdv1g%2B%2FmTd6b97O2kLCIhJKuXyD8Vk7FsSKoKEDoTVdJCQvlQtcIOUDIKRIdGhti4Xb3HPuucV5574vt%2F0xCeHp0fJ7ZlNpTRfbzbDxysdRdLWxonI%2FbAy7S58sJVcbdvBGFPaa4auNdyRfN4txGIVhFEaNZWVlaoaLURQ1Q6hivxc1e2EziZtRO8HQ%2Fpc7H8DRAGJwTJ6BEtNL%2B48SKD5Bnn17Q7r10hSvv515TUtjMRB7H%2BbrualyZHOY2gBpvne2DeMOl3%2BEyXdPDMMM%2FllkakqCJ7%2BD5XtnLsEGu6dGmYbMwcT%2FUA0mkHoCRSfg5h6UOCQAF7i1ijx7cMvYim6cqnSmTsmFp39CVVNy4bfLyLNH17UaNu4a7UtlcodhWkMNJ1D9CQp%2FgHLzHFR1AF5%2BASV%2BIYtPV5BnO6tOGyhx9FKXijZniVhIJessJEmvtUDDNFyIKY27cch4kp4mpNQEKp1AyxGoOw%2FvAngVwKcBfBEgE0eNDk%2B6XdFtCyo5j1kaddMkTXqUhykPW70Yns%2FeMEJZjMD1CNxuobBbWFcjWP8T3FoNJ87BlVMSvP85BqJGJQkqR1BRgkoRVCVBNah3hXaxqx8I7TyLznp81lv12JT9bbpryr7MyXZxTP4%2FCy%2B4Mv4e6%2FKowdtxL%2B3wlEYyEu2Udds86tC41ZPtVAqewKkayp0DdQE21ZRcucxQqCm5JP4Cowdw%2BgBcvQDqXwStxp04BF0bJ90Qm%2FlDmvqc07zJTQZhahTlBZQbwbY%2BJs%2Bd3PDlJ89D8sfkrMBtjcLW%2BFT9TNDX98d3TEV27pjKke9Wi1JlapPO7nu3pKW8%2BM27cqMyVty84UZfX%2BMzYQb3P5CuXKG5UHnfkYfXlRDSLhvLJfnhpvtIstverV33NvfFyu23lm9mhZXOKZNPQNXhZ0vgakouXts9%2BbnP%2FtGCshNYXyPzc6fKTMCLLbhiPnOGwOo5Z0WAytdjG7P5UCsCLeecshruX5zN8ba7j74NQMt7yLMaA1tjoGtQPYLz58dlYR%2B%2F%2BWvrpMB0MGbaBjtMW%2F3VabROHTVkRy71ekmYdEQYskTEcdSWnLYS2qNxnHZQuqlQr7G%2FAQAA%2F%2F8BAAD%2F%2F6K5%2BpaGBAAA
192.243.61.227200 OK 7 B URL GET HTTP/1.1 excitementoppressive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP28c1Rd9k0Qp8qt%2BkAYB0hYogMDrmdlZ7y4pUEIwijBxSEDQofdv1g%2B%2FmTd6b97O2kLCIhJKuXyD8Vk7FsSKoKEDoTVdJCQvlQtcIOUDIKRIdGhti4Xb3HPuucV5574vt%2F0xCeHp0fJ7ZlNpTRfbzbDxysdRdLWxonI%2FbAy7S58sJVcbdvBGFPaa4auNdyRfN4txGIVhFEaNZWVlaoaLURQ1Q6hivxc1e2EziZtRO8HQ%2Fpc7H8DRAGJwTJ6BEtNL%2B48SKD5Bnn17Q7r10hSvv515TUtjMRB7H%2BbrualyZHOY2gBpvne2DeMOl3%2BEyXdPDMMM%2FllkakqCJ7%2BD5XtnLsEGu6dGmYbMwcT%2FUA0mkHoCRSfg5h6UOCQAF7i1ijx7cMvYim6cqnSmTsmFp39CVVNy4bfLyLNH17UaNu4a7UtlcodhWkMNJ1D9CQp%2FgHLzHFR1AF5%2BASV%2BIYtPV5BnO6tOGyhx9FKXijZniVhIJessJEmvtUDDNFyIKY27cch4kp4mpNQEKp1AyxGoOw%2FvAngVwKcBfBEgE0eNDk%2B6XdFtCyo5j1kaddMkTXqUhykPW70Yns%2FeMEJZjMD1CNxuobBbWFcjWP8T3FoNJ87BlVMSvP85BqJGJQkqR1BRgkoRVCVBNah3hXaxqx8I7TyLznp81lv12JT9bbpryr7MyXZxTP4%2FCy%2B4Mv4e6%2FKowdtxL%2B3wlEYyEu2Udds86tC41ZPtVAqewKkayp0DdQE21ZRcucxQqCm5JP4Cowdw%2BgBcvQDqXwStxp04BF0bJ90Qm%2FlDmvqc07zJTQZhahTlBZQbwbY%2BJs%2Bd3PDlJ89D8sfkrMBtjcLW%2BFT9TNDX98d3TEV27pjKke9Wi1JlapPO7nu3pKW8%2BM27cqMyVty84UZfX%2BMzYQb3P5CuXKG5UHnfkYfXlRDSLhvLJfnhpvtIstverV33NvfFyu23lm9mhZXOKZNPQNXhZ0vgakouXts9%2BbnP%2FtGCshNYXyPzc6fKTMCLLbhiPnOGwOo5Z0WAytdjG7P5UCsCLeecshruX5zN8ba7j74NQMt7yLMaA1tjoGtQPYLz58dlYR%2B%2F%2BWvrpMB0MGbaBjtMW%2F3VabROHTVkRy71ekmYdEQYskTEcdSWnLYS2qNxnHZQuqlQr7G%2FAQAA%2F%2F8BAAD%2F%2F6K5%2BpaGBAAA
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSP28c1Rd9k0Qp8qt%2BkAYB0hYogMDrmdlZ7y4pUEIwijBxSEDQofdv1g%2B%2FmTd6b97O2kLCIhJKuXyD8Vk7FsSKoKEDoTVdJCQvlQtcIOUDIKRIdGhti4Xb3HPuucV5574vt%2F0xCeHp0fJ7ZlNpTRfbzbDxysdRdLWxonI%2FbAy7S58sJVcbdvBGFPaa4auNdyRfN4txGIVhFEaNZWVlaoaLURQ1Q6hivxc1e2EziZtRO8HQ%2Fpc7H8DRAGJwTJ6BEtNL%2B48SKD5Bnn17Q7r10hSvv515TUtjMRB7H%2BbrualyZHOY2gBpvne2DeMOl3%2BEyXdPDMMM%2FllkakqCJ7%2BD5XtnLsEGu6dGmYbMwcT%2FUA0mkHoCRSfg5h6UOCQAF7i1ijx7cMvYim6cqnSmTsmFp39CVVNy4bfLyLNH17UaNu4a7UtlcodhWkMNJ1D9CQp%2FgHLzHFR1AF5%2BASV%2BIYtPV5BnO6tOGyhx9FKXijZniVhIJessJEmvtUDDNFyIKY27cch4kp4mpNQEKp1AyxGoOw%2FvAngVwKcBfBEgE0eNDk%2B6XdFtCyo5j1kaddMkTXqUhykPW70Yns%2FeMEJZjMD1CNxuobBbWFcjWP8T3FoNJ87BlVMSvP85BqJGJQkqR1BRgkoRVCVBNah3hXaxqx8I7TyLznp81lv12JT9bbpryr7MyXZxTP4%2FCy%2B4Mv4e6%2FKowdtxL%2B3wlEYyEu2Udds86tC41ZPtVAqewKkayp0DdQE21ZRcucxQqCm5JP4Cowdw%2BgBcvQDqXwStxp04BF0bJ90Qm%2FlDmvqc07zJTQZhahTlBZQbwbY%2BJs%2Bd3PDlJ89D8sfkrMBtjcLW%2BFT9TNDX98d3TEV27pjKke9Wi1JlapPO7nu3pKW8%2BM27cqMyVty84UZfX%2BMzYQb3P5CuXKG5UHnfkYfXlRDSLhvLJfnhpvtIstverV33NvfFyu23lm9mhZXOKZNPQNXhZ0vgakouXts9%2BbnP%2FtGCshNYXyPzc6fKTMCLLbhiPnOGwOo5Z0WAytdjG7P5UCsCLeecshruX5zN8ba7j74NQMt7yLMaA1tjoGtQPYLz58dlYR%2B%2F%2BWvrpMB0MGbaBjtMW%2F3VabROHTVkRy71ekmYdEQYskTEcdSWnLYS2qNxnHZQuqlQr7G%2FAQAA%2F%2F8BAAD%2F%2F6K5%2BpaGBAAA HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: u_pl=19309494; uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:46 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 73861e34b1b44544cff4909a236a7dc6
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/img/update-icon.png
172.64.196.23200 OK 22 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/img/update-icon.png
IP 172.64.196.23:443
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type PNG image data, 435 x 438, 8-bit colormap, non-interlaced\012- data
Hash 293e03ff5c8794295c7e2bec46e8c106
b2b71ebe6d4719b2259cd6978a410f2dee026b00
2d268405eca080323e13a2f58d284ab1719403438385d405d75739cb23d063cb
GET /sb/notifications/vpn/default/us/android/black/1/img/update-icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:47 GMT
content-type: image/png
content-length: 22157
last-modified: Fri, 29 Jul 2022 12:35:40 GMT
etag: "62e3d41c-568d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 9866609
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDxI5M8pgYH0FNA1sEisg0Pp3ykP5QIYBSbx0PKNvGAj94gPq1lL9%2Bb66ZKUTCBSoDhYSU5aG%2BVWx%2FUV19FzSEiDAZSgr7yrGcuHpU3YWINu0j5Du0WoyLOa9Zw%2B9umm1nzPSRksbm%2Fi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746cc8d0823e7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
excitementoppressive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Findex.html&l=1412&fd=308
192.243.61.227200 OK 0 B URL GET HTTP/1.1 excitementoppressive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Findex.html&l=1412&fd=308
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Findex.html&l=1412&fd=308 HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: u_pl=19309494; uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=a339ee563fe11ff56bd0258698d823f9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
192.243.59.12200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=a339ee563fe11ff56bd0258698d823f9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint33:54:5C:58:7C:8E:75:EE:DF:A0:8C:41:D3:AC:1B:BF:B6:66:28:EC
ValidityMon, 27 Mar 2023 07:09:08 GMT - Sun, 25 Jun 2023 07:09:07 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=a339ee563fe11ff56bd0258698d823f9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 895ea12a6e3aacf46b88713b50843210
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.barscreative1.com/sb/notifications/vpn/default/us/android/black/1/index.html
45.133.44.3200 OK 5.3 kB URL GET HTTP/2 cdn.barscreative1.com/sb/notifications/vpn/default/us/android/black/1/index.html
IP 45.133.44.3:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint0B:AE:8A:C0:29:EA:B0:86:29:66:F6:7E:76:63:66:57:38:88:FC:E6
ValidityMon, 15 May 2023 04:01:53 GMT - Sun, 13 Aug 2023 04:01:52 GMT
File type gzip compressed data, from Unix\012- data
Hash 6ac5aecb5d9c438d3d825cd3f17288ca
46c3938dce766478dfb7136652fd9bbcca26fcc0
05e401e23170af444a042359fac99ec0c8f91a38ce5bdd8c8409abe0998c28b8
GET /sb/notifications/vpn/default/us/android/black/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:47 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 26 Nov 2021 11:09:26 GMT
etag: W/"61a0c066-584"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 20 May 2023 21:19:47 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c529f7cfa1e1d5fb85c17a239e5fedc4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
192.243.59.12200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c529f7cfa1e1d5fb85c17a239e5fedc4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint33:54:5C:58:7C:8E:75:EE:DF:A0:8C:41:D3:AC:1B:BF:B6:66:28:EC
ValidityMon, 27 Mar 2023 07:09:08 GMT - Sun, 25 Jun 2023 07:09:07 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c529f7cfa1e1d5fb85c17a239e5fedc4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9cc515398ed5ed6f764330be4c7904a7
Strict-Transport-Security: max-age=0; includeSubdomains
excitementoppressive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fcss%2Fstyle.css&l=7546&fd=532
192.243.61.227200 OK 0 B URL GET HTTP/1.1 excitementoppressive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fcss%2Fstyle.css&l=7546&fd=532
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fcss%2Fstyle.css&l=7546&fd=532 HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: u_pl=19309494; uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
excitementoppressive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fcss%2Fanimate.css&l=79245&fd=413
173.233.137.44200 OK 0 B URL GET HTTP/1.1 excitementoppressive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fcss%2Fanimate.css&l=79245&fd=413
IP 173.233.137.44:443
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fcss%2Fanimate.css&l=79245&fd=413 HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: u_pl=19309494; uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/img/number.png
172.64.196.23200 OK 7.4 kB URL GET HTTP/3 cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/img/number.png
IP 172.64.196.23:443
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 762209418514cf232e9e440aa080a8b0
d9f88b372e0e693baf7eb081b9468cfbfb65debd
1f0572ff9957f39e320932ac08450ce55ec66fc670dc4832544bf92ea69b59a0
GET /sb/notifications/vpn/default/us/android/black/1/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:48 GMT
content-type: image/png
content-length: 7427
last-modified: Wed, 02 Sep 2020 11:53:06 GMT
etag: "5f4f87a2-1d03"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 8096713
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vdwzb%2BYhGb2XPco7LrHsMZicWtNym9G7WPLToV958r%2BC2CrYDgg5aOiAdy4fgebnsQga90JpeDV6kWVTWLwqsyc5JZiwvbQo%2FAn2CnD%2Fe24PcZiPxl%2FaQoQY9IrLDguME9K7pi%2BgjZE3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746d1ce58731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/css/style.css
172.64.196.23200 OK 1.6 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/css/style.css
IP 172.64.196.23:443
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type ASCII text, with very long lines (554)
Hash bfeb3632dc854f42647b828fabbdde29
5628a629a18179b1a5abb25532d1ce5404369b5e
1a8e65273687db2dc641080be94837e9a9e99e0f68e1a9b16041c23b45818bef
GET /sb/notifications/vpn/default/us/android/black/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:47 GMT
content-type: text/css
last-modified: Fri, 26 Nov 2021 11:09:26 GMT
etag: W/"61a0c066-1d7a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsMTwdwn1pmTHaTBtXEjRI7kK8Es3TOyn0XPPW64HxjbcN%2FbLpv5JKZv507oyX0udJlOgj%2FkPU%2BZ0OYdJgam7oyONtP7BjtZlmjQkPjiwBlAdHADRAmUXJX5o%2BEqfegcMCk7kOODa%2Fbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746ccfba87719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
excitementoppressive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP28c1Rd9k0Qp8qt%2BkAYB0hYogMDrmdlZ7y4pUEIwijBxSEDQofdv1g%2B%2FmTd6b97O2kLCIhJKuXyD8Vk7FsSKoKEDoTVdJCQvlQtcIOUDIKRIdGhti4Xb3HPuucV5574vt%2F0xCeHp0fJ7ZlNpTRfbzbDxysdRdLWxonI%2FbAy7S58sJVcbdvBGFPaa4auNdyRfN4txGIVhFEaNZWVlaoaLURQ1Q6hivxc1e2EziZtRO8HQ%2Fpc7H8DRAGJwTJ6BEtNL%2B48SKD5Bnn17Q7r10hSvv515TUtjMRB7H%2BbrualyZHOY2gBpvne2DeMOl3%2BEyXdPDMMM%2FllkakqCJ7%2BD5XtnLsEGu6dGmYbMwcT%2FUA0mkHoCRSfg5h6UOCQAF7i1ijx7cMvYim6cqnSmTsmFp39CVVNy4bfLyLNH17UaNu4a7UtlcodhWkMNJ1D9CQp%2FgHLzHFR1AF5%2BASV%2BIYtPV5BnO6tOGyhx9FKXijZniVhIJessJEmvtUDDNFyIKY27cch4kp4mpNQEKp1AyxGoOw%2FvAngVwKcBfBEgE0eNDk%2B6XdFtCyo5j1kaddMkTXqUhykPW70Yns%2FeMEJZjMD1CNxuobBbWFcjWP8T3FoNJ87BlVMSvP85BqJGJQkqR1BRgkoRVCVBNah3hXaxqx8I7TyLznp81lv12JT9bbpryr7MyXZxTP4%2FCy%2B4Mv4e6%2FKowdtxL%2B3wlEYyEu2Udds86tC41ZPtVAqewKkayp0DdQE21ZRcucxQqCm5JP4Cowdw%2BgBcvQDqXwStxp04BF0bJ90Qm%2FlDmvqc07zJTQZhahTlBZQbwbY%2BJs%2Bd3PDlJ89D8sfkrMBtjcLW%2BFT9TNDX98d3TEV27pjKke9Wi1JlapPO7nu3pKW8%2BM27cqMyVty84UZfX%2BMzYQb3P5CuXKG5UHnfkYfXlRDSLhvLJfnhpvtIstverV33NvfFyu23lm9mhZXOKZNPQNXhZ0vgakouXts9%2BbnP%2FtGCshNYXyPzc6fKTMCLLbhiPnOGwOo5Z0WAytdjG7P5UCsCLeecshruX5zN8ba7j74NQMt7yLMaA1tjoGtQPYLz58dlYR%2B%2F%2BWvrpMB0MGbaBjtMW%2F3VabROHTU4DyWNWCeSUsh2i%2FNkiXfZUtpKOrLbFm2UbirUa%2BxvAAAA%2F%2F8BAAD%2F%2F12eUoaGBAAA
192.243.61.227200 OK 7 B URL GET HTTP/1.1 excitementoppressive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP28c1Rd9k0Qp8qt%2BkAYB0hYogMDrmdlZ7y4pUEIwijBxSEDQofdv1g%2B%2FmTd6b97O2kLCIhJKuXyD8Vk7FsSKoKEDoTVdJCQvlQtcIOUDIKRIdGhti4Xb3HPuucV5574vt%2F0xCeHp0fJ7ZlNpTRfbzbDxysdRdLWxonI%2FbAy7S58sJVcbdvBGFPaa4auNdyRfN4txGIVhFEaNZWVlaoaLURQ1Q6hivxc1e2EziZtRO8HQ%2Fpc7H8DRAGJwTJ6BEtNL%2B48SKD5Bnn17Q7r10hSvv515TUtjMRB7H%2BbrualyZHOY2gBpvne2DeMOl3%2BEyXdPDMMM%2FllkakqCJ7%2BD5XtnLsEGu6dGmYbMwcT%2FUA0mkHoCRSfg5h6UOCQAF7i1ijx7cMvYim6cqnSmTsmFp39CVVNy4bfLyLNH17UaNu4a7UtlcodhWkMNJ1D9CQp%2FgHLzHFR1AF5%2BASV%2BIYtPV5BnO6tOGyhx9FKXijZniVhIJessJEmvtUDDNFyIKY27cch4kp4mpNQEKp1AyxGoOw%2FvAngVwKcBfBEgE0eNDk%2B6XdFtCyo5j1kaddMkTXqUhykPW70Yns%2FeMEJZjMD1CNxuobBbWFcjWP8T3FoNJ87BlVMSvP85BqJGJQkqR1BRgkoRVCVBNah3hXaxqx8I7TyLznp81lv12JT9bbpryr7MyXZxTP4%2FCy%2B4Mv4e6%2FKowdtxL%2B3wlEYyEu2Udds86tC41ZPtVAqewKkayp0DdQE21ZRcucxQqCm5JP4Cowdw%2BgBcvQDqXwStxp04BF0bJ90Qm%2FlDmvqc07zJTQZhahTlBZQbwbY%2BJs%2Bd3PDlJ89D8sfkrMBtjcLW%2BFT9TNDX98d3TEV27pjKke9Wi1JlapPO7nu3pKW8%2BM27cqMyVty84UZfX%2BMzYQb3P5CuXKG5UHnfkYfXlRDSLhvLJfnhpvtIstverV33NvfFyu23lm9mhZXOKZNPQNXhZ0vgakouXts9%2BbnP%2FtGCshNYXyPzc6fKTMCLLbhiPnOGwOo5Z0WAytdjG7P5UCsCLeecshruX5zN8ba7j74NQMt7yLMaA1tjoGtQPYLz58dlYR%2B%2F%2BWvrpMB0MGbaBjtMW%2F3VabROHTU4DyWNWCeSUsh2i%2FNkiXfZUtpKOrLbFm2UbirUa%2BxvAAAA%2F%2F8BAAD%2F%2F12eUoaGBAAA
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSP28c1Rd9k0Qp8qt%2BkAYB0hYogMDrmdlZ7y4pUEIwijBxSEDQofdv1g%2B%2FmTd6b97O2kLCIhJKuXyD8Vk7FsSKoKEDoTVdJCQvlQtcIOUDIKRIdGhti4Xb3HPuucV5574vt%2F0xCeHp0fJ7ZlNpTRfbzbDxysdRdLWxonI%2FbAy7S58sJVcbdvBGFPaa4auNdyRfN4txGIVhFEaNZWVlaoaLURQ1Q6hivxc1e2EziZtRO8HQ%2Fpc7H8DRAGJwTJ6BEtNL%2B48SKD5Bnn17Q7r10hSvv515TUtjMRB7H%2BbrualyZHOY2gBpvne2DeMOl3%2BEyXdPDMMM%2FllkakqCJ7%2BD5XtnLsEGu6dGmYbMwcT%2FUA0mkHoCRSfg5h6UOCQAF7i1ijx7cMvYim6cqnSmTsmFp39CVVNy4bfLyLNH17UaNu4a7UtlcodhWkMNJ1D9CQp%2FgHLzHFR1AF5%2BASV%2BIYtPV5BnO6tOGyhx9FKXijZniVhIJessJEmvtUDDNFyIKY27cch4kp4mpNQEKp1AyxGoOw%2FvAngVwKcBfBEgE0eNDk%2B6XdFtCyo5j1kaddMkTXqUhykPW70Yns%2FeMEJZjMD1CNxuobBbWFcjWP8T3FoNJ87BlVMSvP85BqJGJQkqR1BRgkoRVCVBNah3hXaxqx8I7TyLznp81lv12JT9bbpryr7MyXZxTP4%2FCy%2B4Mv4e6%2FKowdtxL%2B3wlEYyEu2Udds86tC41ZPtVAqewKkayp0DdQE21ZRcucxQqCm5JP4Cowdw%2BgBcvQDqXwStxp04BF0bJ90Qm%2FlDmvqc07zJTQZhahTlBZQbwbY%2BJs%2Bd3PDlJ89D8sfkrMBtjcLW%2BFT9TNDX98d3TEV27pjKke9Wi1JlapPO7nu3pKW8%2BM27cqMyVty84UZfX%2BMzYQb3P5CuXKG5UHnfkYfXlRDSLhvLJfnhpvtIstverV33NvfFyu23lm9mhZXOKZNPQNXhZ0vgakouXts9%2BbnP%2FtGCshNYXyPzc6fKTMCLLbhiPnOGwOo5Z0WAytdjG7P5UCsCLeecshruX5zN8ba7j74NQMt7yLMaA1tjoGtQPYLz58dlYR%2B%2F%2BWvrpMB0MGbaBjtMW%2F3VabROHTU4DyWNWCeSUsh2i%2FNkiXfZUtpKOrLbFm2UbirUa%2BxvAAAA%2F%2F8BAAD%2F%2F12eUoaGBAAA HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: u_pl=19309494; uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b42e564a5670c7c3ed7b87e4516ae22
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/fonts/SFUIDisplay-Regular.woff2
172.64.196.23200 OK 43 kB URL GET HTTP/3 cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/fonts/SFUIDisplay-Regular.woff2
IP 172.64.196.23:443
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type Web Open Font Format (Version 2), TrueType, length 42576, version 1.0\012- data
Hash 2a7d15a301e2045942980e8544ccfbb5
71adf9d8bcff90f86a96b1d21e847bf5d79b3c0e
474b4d7266171e03c8efcd904e8010bd8cb11a068d5e67b5450bc46d768a41e9
GET /sb/notifications/vpn/default/us/android/black/1/fonts/SFUIDisplay-Regular.woff2 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:48 GMT
content-type: application/octet-stream
content-length: 42576
last-modified: Thu, 28 Oct 2021 09:17:29 GMT
etag: "617a6aa9-a650"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJxuxrx0bKaaBc02ukyd5Jz0eK5TDeYFtCpVd22ViqqCq3Mr51YfwvCPiYRA0AsHbg8%2BF%2ByDh%2Fj6vQTv4YTY2IDe2rZTz6G9rQFOLwXipfgKkfTBV45dSmPhcITyZg7Hes7b2BvJwZbe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746d1ce5b731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 0 B URL POST collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 274
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 20 May 2023 20:19:58 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://afuncan.com
Access-Control-Allow-Credentials: true
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 445 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (332)
Hash d39546249a86d29697ea6b389afd84f2
244ce5f2d9a3e80da843e527f35cae0b9d9e20be
ba339c9812783530a739e05b9bc0ec254d9c22eb13779e8e5be5860a192f8c80
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: 17805
rule-data-version: 1
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2023-06-30-14-14-56.chain; p384ecdsa=kProN1nE9tkH4JH82vmBBnnbJnn0fJy_NPTvjHpciPKMIGYkOqGnHlxk5kga1DvrwkO99ktLad39PgSgwQa6vgPUvj0U9ND_ThGQlhdvY46JzcVTuJtT9Zf9vBS9zBGW
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Sat, 20 May 2023 20:18:30 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 445
age: 89
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
62.115.252.113 512 kB URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP 62.115.252.113:0
ASN #1299 Telia Company AB
File type Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size 512 kB (511815 bytes)
Hash 152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Thu, 04 May 2023 01:43:52 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1683164631.85253
Content-Type: application/zip
X-Trans-Id: tx9c22935e88014093a8837-006455bcebdfw1
Cache-Control: public, max-age=222679
Expires: Tue, 23 May 2023 10:11:18 GMT
Date: Sat, 20 May 2023 20:19:59 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
142.250.74.106200 OK 2.9 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
IP 142.250.74.106:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (2958), with no line terminators
Hash d0207e14b9c37f23aa1b053a509920aa
18d58da04c3cbf8f7b42372c190b0f02b60e4ccf
ef7302a767539988b24544186e5da0b53073f829a6123368e9674ba59080150c
GET /css?family=Lato:400,700,400italic,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 May 2023 20:19:41 GMT
date: Sat, 20 May 2023 20:19:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afuncan.com/content/themes/dark-grid/js/custom.js
104.21.65.132200 OK 77 B URL GET HTTP/3 afuncan.com/content/themes/dark-grid/js/custom.js
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with no line terminators
Hash c9a7611a33b20040c140a21248680cf0
8df86ac2ac0ab1be811229ee559579c7e45969a0
c1ac828072764e4a7488185231e76976e1080243778059c43b74b735ee11110a
GET /content/themes/dark-grid/js/custom.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: application/javascript
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"4d-5f8baff7f18aa-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ata%2FO%2FzxSPFBBXayb5H0DTcUDozKe3VRlwiqlA%2Bm1gh5lh9L7QLjKTdDjkRPcGEzckfotkI21e7gFWwrQzhmTqCSE7KFVE6j5Db9Sp3aBHwAnE8x3gctVIU7RUEBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a4fbcffab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/js/jquery-comments.min.js
104.21.65.132200 OK 43 kB URL GET HTTP/3 afuncan.com/js/jquery-comments.min.js
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with very long lines (1626)
Hash 8da35b131b944c5c3b9bc7da3d9be8d3
fa1da75b0be658c2c44a31a5ba330e2a0fc58860
6cf9a2453a9a0c7288483d1954ff40b56d61c42fc18f2446f7dab0452f0827a8
GET /js/jquery-comments.min.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: application/javascript
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"a791-5f8baff7f9992-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrJ5LnMOREFOa%2BUWKOS8OBsq3U9%2B5OSs2YZx8wyUtw0TaJdP8z%2FMIBQqoCRmhauuUuz0kOAHgKv58bv3jrKTR7MFRBq5MgI7eTQCsaMZUO94ZFi%2BdT8EU0ZkZaU0sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a4fbc8fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/cdn-cgi/challenge-platform/h/g/cv/result/7ca746a02b55b509
104.21.65.132200 OK 2 B URL POST HTTP/3 afuncan.com/cdn-cgi/challenge-platform/h/g/cv/result/7ca746a02b55b509
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7ca746a02b55b509 HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12353
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov; _ga_JPJFVSE5RF=GS1.1.1684613981.1.0.1684613981.0.0.0; _ga=GA1.1.2079958386.1684613982; __vtins__JeU8LzNK5S5H4Mzc=%7B%22sid%22%3A%20%22de488725-2740-59e8-b1cc-c99adcd5d0d1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201684615783123%2C%20%22ct%22%3A%201684613983123%7D; __51uvsct__JeU8LzNK5S5H4Mzc=1; __51vcke__JeU8LzNK5S5H4Mzc=abb1115a-519a-5dd7-9aa8-c3a8020ae6c8; __51vuft__JeU8LzNK5S5H4Mzc=1684613983126; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1; ppu_main_a339ee563fe11ff56bd0258698d823f9=1; ppu_idelay_a339ee563fe11ff56bd0258698d823f9=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:45 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=hcq6ScEpGr_WVJOamBM3NrO5jQCKGkqT_rXP30JLZcw-1684613985-0-AdsCI3h7i88tJAJuyTwg1aysujObSDkfuyAUTR9RsFvgYfqgMPDnnTtqD5jRoLTAEjkGgylmgsRk/j1rj3u+sRFrA8w04ildGty48FdWahj6; path=/; expires=Sat, 20-May-23 20:49:45 GMT; domain=.afuncan.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSTWHqE4nGN96mN1B5%2FWB32N%2F0I%2BOicwRoxl8Xel99iHHjQDg2SJlzx4oRfDa7pi58TkKhfmFlZPJNV8aXkmxCTrX9AOZV9ubtrg%2FyVATp%2FPuiTR3tZvOts4ZkjLOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746c2fbecfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/content/themes/dark-grid/style/user.css
104.21.65.132200 OK 2.9 kB URL GET HTTP/3 afuncan.com/content/themes/dark-grid/style/user.css
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with very long lines (3292), with no line terminators
Hash a2f5f7c702a732a018fe51f8c8c2a3a4
f5d42ec73395338da00885379ff08301f31dae99
1512da15b85fbde860c2fb7d778cf3815456e68ea1e4038403981dd660d0e34b
GET /content/themes/dark-grid/style/user.css HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: text/css
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"b41-5f8baff7f284a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3784
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9V%2B9nEy0DtouuwK4VvbZ%2FrzlOtH99gwtk%2B1LVXa%2F5phZjVeXGgj42xtgCM6KhV2mPz2dhYFl6cK2%2F56NwkTvnP7DNlPeBm38bn7Q28SS0XJKAnFkn%2Bf6KNqd%2FHAF3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a46b24fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/favicon.ico
104.21.65.132200 OK 102 kB IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size 102 kB (101870 bytes)
Hash cf62139d07cb6cdfe783ae1348a5e838
fd4810c52a6bf73565c235f07c51fa0599ce0c8c
428c5c78b293e6c84bc094486b197b31ecd54bff27dcab0330a116110a233be6
GET /favicon.ico HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov; _ga_JPJFVSE5RF=GS1.1.1684613981.1.0.1684613981.0.0.0; _ga=GA1.1.2079958386.1684613982; __vtins__JeU8LzNK5S5H4Mzc=%7B%22sid%22%3A%20%22de488725-2740-59e8-b1cc-c99adcd5d0d1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201684615783123%2C%20%22ct%22%3A%201684613983123%7D; __51uvsct__JeU8LzNK5S5H4Mzc=1; __51vcke__JeU8LzNK5S5H4Mzc=abb1115a-519a-5dd7-9aa8-c3a8020ae6c8; __51vuft__JeU8LzNK5S5H4Mzc=1684613983126; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1; ppu_main_a339ee563fe11ff56bd0258698d823f9=1; ppu_idelay_a339ee563fe11ff56bd0258698d823f9=1; __cf_bm=hcq6ScEpGr_WVJOamBM3NrO5jQCKGkqT_rXP30JLZcw-1684613985-0-AdsCI3h7i88tJAJuyTwg1aysujObSDkfuyAUTR9RsFvgYfqgMPDnnTtqD5jRoLTAEjkGgylmgsRk/j1rj3u+sRFrA8w04ildGty48FdWahj6; sb_main_c529f7cfa1e1d5fb85c17a239e5fedc4=1; sb_count_c529f7cfa1e1d5fb85c17a239e5fedc4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:46 GMT
content-type: image/x-icon
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"18dee-5f8baff7f5342-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTyDtC8r25mGQJzRkOYjNhdQEzIpiJjsYAphwKdLaQHtX1aWyOWzykVsI%2FhySNLBghqRHPCPG%2Fook5zL9PkzqCFqQUZaCbeTL%2FRQMJSipEY%2F0wnGv%2Bj7hmrY3e86Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746c83864fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/content/themes/dark-grid/js/bootstrap.min.js
104.21.65.132200 OK 60 kB URL GET HTTP/3 afuncan.com/content/themes/dark-grid/js/bootstrap.min.js
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with very long lines (59765)
Hash 02d223393e00c273efdcb1ade8f4f8b1
0cc93b8421d89c24a889642428b363cb831de78a
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
GET /content/themes/dark-grid/js/bootstrap.min.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: application/javascript
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"ea8c-5f8baff7f18aa-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BxsaflNtlx%2Bz1Re4DLLpUeORxpmzJJINYdoCl9mchru293SVCWUz6KLfwA%2FV1ehYsWviQt4m2hJqyh3XWKvcAoxeYER%2BLFNONpuU%2BMgw645rdURG%2BbVp%2F%2BJ85Acxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a4fbccfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
excitementoppressive.com/pixel/sbs?c=1
173.233.137.44200 OK 0 B URL GET HTTP/1.1 excitementoppressive.com/pixel/sbs?c=1
IP 173.233.137.44:443
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: u_pl=19309494; uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
afuncan.com/content/themes/dark-grid/style/style.css
104.21.65.132200 OK 10 kB URL GET HTTP/3 afuncan.com/content/themes/dark-grid/style/style.css
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type assembler source, ASCII text, with CRLF line terminators
Hash e4b64cb4c91e3bebccaf748f257b04f5
c093efe9686e1331039bd1a569b2c33b2ad3a67d
6386b0efc8c35b4a0c0bb5ecf673ccc4750380669d77d16ecfbecc03ea0b207d
GET /content/themes/dark-grid/style/style.css HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 02:10:31 GMT
etag: W/"2768-5fc026cf3a75c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3784
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6LFxWJqztTFoR0GpFn0fvWrZATh32WaGbTjJku%2Bttyxm8s%2B2mO05zOa2OnYCLx%2BfYCdZKydIyJxK29I5ut2%2BBkvj9OPR9Mm%2F5VjqsBcXJojVt8njBuIIKg4wZBI1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a47b2dfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
i.pinimg.com/originals/89/61/1b/89611b7bc2c20d4b10ec762bf850933f.jpg
151.101.244.84200 OK 196 kB URL GET HTTP/2 i.pinimg.com/originals/89/61/1b/89611b7bc2c20d4b10ec762bf850933f.jpg
IP 151.101.244.84:443
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
FingerprintDD:66:CF:72:EE:07:6C:09:1A:F3:24:71:8C:80:A0:6D:6B:06:D2:58
ValidityThu, 28 Jul 2022 00:00:00 GMT - Tue, 08 Aug 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 860x1030, components 3\012- data
Size 196 kB (196367 bytes)
Hash 071fc9be365d278c6f3f6adc6ffaf301
58656adbcaf0b768b7f31bd5d60479940a34445e
14cf2a4457a278174a2a50ae47accf5f458767df1afec1c696ccd41ec4c43ea9
GET /originals/89/61/1b/89611b7bc2c20d4b10ec762bf850933f.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "071fc9be365d278c6f3f6adc6ffaf301"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
date: Sat, 20 May 2023 20:19:46 GMT
content-length: 196367
X-Firefox-Spdy: h2
h2bpodcast.com/?h=aac7078&iid=18_15803293_0_4&usg=AOvVaw35boKfFY73wQQDjZ8EHHSz
188.114.97.1302 Found 52 kB URL User Request GET HTTP/2 h2bpodcast.com/?h=aac7078&iid=18_15803293_0_4&usg=AOvVaw35boKfFY73wQQDjZ8EHHSz
IP 188.114.97.1:443
Certificate IssuerGoogle Trust Services LLC
Subjecth2bpodcast.com
FingerprintC3:FB:F6:EE:FB:A0:F1:B6:9B:15:0C:48:95:42:59:9D:DA:B3:4C:AA
ValidityMon, 17 Apr 2023 23:54:09 GMT - Sun, 16 Jul 2023 23:54:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?h=aac7078&iid=18_15803293_0_4&usg=AOvVaw35boKfFY73wQQDjZ8EHHSz HTTP/1.1
Host: h2bpodcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 20 May 2023 20:19:39 GMT
content-type: text/html; charset=UTF-8
location: https://best10.club/category.php/zodiac+chart+chinese/?v=bc_om_5
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AI5ahb0MfEuwYnJzV5B4Y4AZ%2Bd7OBjuN7QMUthgX%2F4sxrDigy0Gw4Vv03rmAR48nWbCpmbe4NX2iVYUgM5lpWd18%2BM9mt%2FmUV0tBoWRjH2mQnjp9qV7chcDps1qmubdjcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca7469c4ae91c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
no.china-embassy.gov.cn/eng/zngx_1/whjl/zx/201704/W020210701350517969188.png
0.0.0.0 0 B URL GET no.china-embassy.gov.cn/eng/zngx_1/whjl/zx/201704/W020210701350517969188.png
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eng/zngx_1/whjl/zx/201704/W020210701350517969188.png HTTP/1.1
Host: no.china-embassy.gov.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
afuncan.com/content/themes/dark-grid/js/script.js
104.21.65.132200 OK 8.3 kB URL GET HTTP/3 afuncan.com/content/themes/dark-grid/js/script.js
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (9581), with no line terminators
Hash 937b3f0df1893e5639f2ddce96caf11f
10000dbd0d06177e0f59099f2e2311e19d199835
2ba5198c774dd484faeba21285927118e11300cf4d36ade9412fceb76d3f2985
GET /content/themes/dark-grid/js/script.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: application/javascript
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"2048-5f8baff7f1c92-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeO3K%2BEBVdHbOwLldr2vNWA5yzXTRn%2Fa2Is3qGID2EX5PofTZe1dSACv7X5vQMqVgov6Xo7IRAHqrj77wQCOvuawGhkq28ibZofgVmQFsgxmvuTM4icJOu3zysOTUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a4fbd1fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
excitementoppressive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fjs%2Fscript.js&l=393&fd=405
192.243.61.227200 OK 0 B URL GET HTTP/1.1 excitementoppressive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fjs%2Fscript.js&l=393&fd=405
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectexcitementoppressive.com
Fingerprint95:6B:E6:9E:9C:D5:06:E1:EF:CA:B3:63:B2:0C:EA:DD:86:4C:0D:6F
ValidityMon, 01 May 2023 19:30:35 GMT - Sun, 30 Jul 2023 19:30:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fandroid%2Fblack%2F1%2Fjs%2Fscript.js&l=393&fd=405 HTTP/1.1
Host: excitementoppressive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: u_pl=19309494; uid_id2=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 20:19:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
afuncan.com/cdn-cgi/challenge-platform/scripts/invisible.js
104.21.65.132302 Found 27 kB URL GET HTTP/3 afuncan.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov; _ga_JPJFVSE5RF=GS1.1.1684613981.1.0.1684613981.0.0.0; _ga=GA1.1.2079958386.1684613982; __vtins__JeU8LzNK5S5H4Mzc=%7B%22sid%22%3A%20%22de488725-2740-59e8-b1cc-c99adcd5d0d1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201684615783123%2C%20%22ct%22%3A%201684613983123%7D; __51uvsct__JeU8LzNK5S5H4Mzc=1; __51vcke__JeU8LzNK5S5H4Mzc=abb1115a-519a-5dd7-9aa8-c3a8020ae6c8; __51vuft__JeU8LzNK5S5H4Mzc=1684613983126; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1; ppu_main_a339ee563fe11ff56bd0258698d823f9=1; ppu_idelay_a339ee563fe11ff56bd0258698d823f9=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 20 May 2023 20:19:45 GMT
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin: *
vary: accept-encoding
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qy6OMtV%2Bj8s%2FJxeniyTDIZp4o%2FJpVf1tnbyYB3Fb7ZPRfmKLxcOsDqm8XCVzNLrSLjTLSbSSDbM8yLz2ZWrcg9X0C3pPnjJnN2gxgx%2BZ5qL0R4DwDvZTbEsFzgU1OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746c11a9ffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/js/script.js
172.64.196.23200 OK 393 B URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/js/script.js
IP 172.64.196.23:443
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
File type ASCII text, with very long lines (406), with no line terminators
Hash 029153ff067f18c2eef28a4938f6260b
e13cbffb6c189e3abd4b41f93dc6d4fce1e3ea7e
15a9b759d6dd20c9fb4eb054ceb8a6be25c5a4f562ba73abade2f58dbb4ecbb4
GET /sb/notifications/vpn/default/us/android/black/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:47 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 11:53:09 GMT
etag: W/"5f4f87a5-189"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MY%2FrcQPy4j9o52SVrbCV5q1nthHk3%2BtQtohwxH0EG4IzuQN5RzQb5etKjDnF2m0NPa5HYamJKnzO1TRdA%2BEdOgwz93ijUPMnpVTYaQy2%2BhIB%2FRe2J%2FfrTspBygKZ%2BxXtoQQ%2Fvc2uwBdq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746cc3a177719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
best10.club/category.php/zodiac+chart+chinese/?v=bc_om_5
172.67.184.226302 Found 52 kB URL User Request GET HTTP/2 best10.club/category.php/zodiac+chart+chinese/?v=bc_om_5
IP 172.67.184.226:443
Certificate IssuerGoogle Trust Services LLC
Subject*.best10.club
FingerprintF0:9C:7A:1A:67:4A:2C:27:53:A9:57:5A:8E:27:9C:2E:A9:5D:8E:DA
ValiditySat, 25 Mar 2023 21:49:29 GMT - Fri, 23 Jun 2023 21:49:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /category.php/zodiac+chart+chinese/?v=bc_om_5 HTTP/1.1
Host: best10.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 20 May 2023 20:19:40 GMT
content-type: text/html; charset=UTF-8
location: https://afuncan.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3iWxDX4qFQqmy4FqfhEdtdJTRojzuVA2LvH%2FnwE8IRViQIDeRtFhDFPjC53dMxLIlNaSUqwoUG8CZEm28w%2F%2Bu3sYGDY9zjsBFP6L69LPEhgazitONfXlUYKCQJCGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca7469d19c2b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
afuncan.com/content/themes/dark-grid/style/jquery-comments.css
104.21.65.132200 OK 17 kB URL GET HTTP/3 afuncan.com/content/themes/dark-grid/style/jquery-comments.css
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /content/themes/dark-grid/style/jquery-comments.css HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: text/css
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"421b-5f8baff7f284a-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3784
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyK9rmoDHaOCtFeBJFQJ%2FSxSGLi3S6pzwo6qkalF1%2F7L%2BSa7epMEZAPTbwPLxmZatDNFx6Bq2m3JhXPkc41dR2gjsxDeZ480tjLqP2NesEykBhPhPhHydGezN%2BbsPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a46b20fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
104.21.65.132200 OK 5.7 kB URL GET HTTP/3 afuncan.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with very long lines (5692), with no line terminators
Hash eab923753ad249c7ba06f81d5f8e1ecb
303f5abddf5e2aa987ccdeef10c36a6977bd1473
229d1385300fdcb3db36229c2aebbded7b1ff74a54fd12c77ef897d45838ffed
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov; _ga_JPJFVSE5RF=GS1.1.1684613981.1.0.1684613981.0.0.0; _ga=GA1.1.2079958386.1684613982; __vtins__JeU8LzNK5S5H4Mzc=%7B%22sid%22%3A%20%22de488725-2740-59e8-b1cc-c99adcd5d0d1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201684615783123%2C%20%22ct%22%3A%201684613983123%7D; __51uvsct__JeU8LzNK5S5H4Mzc=1; __51vcke__JeU8LzNK5S5H4Mzc=abb1115a-519a-5dd7-9aa8-c3a8020ae6c8; __51vuft__JeU8LzNK5S5H4Mzc=1684613983126; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1; ppu_main_a339ee563fe11ff56bd0258698d823f9=1; ppu_idelay_a339ee563fe11ff56bd0258698d823f9=1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:45 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aG%2FWBtDkC7e%2FYVV2v7XAMAFiWx%2F6W1sXqWt3fDcXRtyxw3Hlm1jKdNBOxzY%2BYxV%2FymZodmu9Jbozp5zkWGgYhe8kQ62mTsYW4Pb4mFwlqYUnvUmOkGcZKiTFRaUnKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746c19afefab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
addresseepaper.com/sfp.js
0.0.0.0 0 B URL GET addresseepaper.com/sfp.js
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
afuncan.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
104.21.65.132200 OK 27 kB URL GET HTTP/3 afuncan.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with very long lines (26597), with no line terminators
Hash 476d9a85de44d29131c3dce3af6fb1b6
ea19e65c6d5db4385eb9c86bb1cf692bcee6aaef
ff10fefb4c0770b808ee585980ac13319b454cf8ae08d765cfbaf370013496ed
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov; _ga_JPJFVSE5RF=GS1.1.1684613981.1.0.1684613981.0.0.0; _ga=GA1.1.2079958386.1684613982; __vtins__JeU8LzNK5S5H4Mzc=%7B%22sid%22%3A%20%22de488725-2740-59e8-b1cc-c99adcd5d0d1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201684615783123%2C%20%22ct%22%3A%201684613983123%7D; __51uvsct__JeU8LzNK5S5H4Mzc=1; __51vcke__JeU8LzNK5S5H4Mzc=abb1115a-519a-5dd7-9aa8-c3a8020ae6c8; __51vuft__JeU8LzNK5S5H4Mzc=1684613983126; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8ad5cb4d-feb7-4493-a0f0-2aa2820bc4f4%3A3%3A1; ppu_main_a339ee563fe11ff56bd0258698d823f9=1; ppu_idelay_a339ee563fe11ff56bd0258698d823f9=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:45 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5p%2BfHDiMycQuD%2BW3nlsqsTon8f7q1hLC50vcYXUM0OzJZNiVubZP00ZE9iACBS1eB0EnDq90iGIHJf43zhSY4Nbzn6VJTTyZFsFeuzTp4GO3uFpfKXFPwvioomMiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746c15ac6fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c8.alamy.com/comp/CMYNY4/china-hong-kong-tsuen-wan-yuen-yuen-institute-chinese-zodiac-chart-CMYNY4.jpg
54.215.95.86200 OK 426 kB URL GET HTTP/2 c8.alamy.com/comp/CMYNY4/china-hong-kong-tsuen-wan-yuen-yuen-institute-chinese-zodiac-chart-CMYNY4.jpg
IP 54.215.95.86:443
Certificate IssuerDigiCert Inc
Subject*.alamy.com
Fingerprint3C:DE:99:92:20:E8:56:ED:CA:0F:17:31:ED:DE:CE:12:D1:9D:58:FA
ValidityThu, 16 Jun 2022 00:00:00 GMT - Fri, 16 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1300x956, components 3\012- data
Size 426 kB (425741 bytes)
Hash e76718064c58b4e2b6cd9fbb32500fd9
2b49ec3c6a5437fef252e63483370d6447b5cbb6
d9de0703a7e12f8ff6a1dcbbb669a5dbff250d1707cc64d9cabb741bfa5ed9ae
GET /comp/CMYNY4/china-hong-kong-tsuen-wan-yuen-yuen-institute-chinese-zodiac-chart-CMYNY4.jpg HTTP/1.1
Host: c8.alamy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:42 GMT
content-type: image/jpeg
cache-control: max-age=604800
access-control-allow-origin: *
last-modified: Tue Oct 19 2021 00:00:00 GMT+0000 (Coordinated Universal Time)
X-Firefox-Spdy: h2
c8.alamy.com/comp/AKTT1C/chinese-astrological-calendar-with-images-of-different-animals-that-AKTT1C.jpg
54.215.95.86200 OK 343 kB URL GET HTTP/2 c8.alamy.com/comp/AKTT1C/chinese-astrological-calendar-with-images-of-different-animals-that-AKTT1C.jpg
IP 54.215.95.86:443
Certificate IssuerDigiCert Inc
Subject*.alamy.com
Fingerprint3C:DE:99:92:20:E8:56:ED:CA:0F:17:31:ED:DE:CE:12:D1:9D:58:FA
ValidityThu, 16 Jun 2022 00:00:00 GMT - Fri, 16 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 874x1390, components 3\012- data
Size 343 kB (343135 bytes)
Hash 828b4e4832fbda590bd5b311d98ea855
1ce3655dd549b904b2f79f23cb22277e3ea71717
5b1d8430993b3bc0104d408805d8f936320fb13b912364f0ee3b96c8a42fae03
GET /comp/AKTT1C/chinese-astrological-calendar-with-images-of-different-animals-that-AKTT1C.jpg HTTP/1.1
Host: c8.alamy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:42 GMT
content-type: image/jpeg
cache-control: max-age=604800
access-control-allow-origin: *
last-modified: Tue Oct 19 2021 00:00:00 GMT+0000 (Coordinated Universal Time)
X-Firefox-Spdy: h2
afuncan.com/js/stats.js
104.21.65.132200 OK 46 kB IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/stats.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: application/javascript
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"b1cb-5f8baff7fa162-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zb%2BEoHthGs6eNn7oGI6DaD9n9lC9vTbM1fiu%2BssKx%2BipHEcBuWm4z9TRgjHgyn1G9%2Fwe%2FMY7iow4WJmk01MbbL6JimgjN0fmN78vtbCYFwYxuwCDfshrHyvfXLX3%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a4fbd0fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Montserrat:400,700
142.250.74.106200 OK 3.4 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700
IP 142.250.74.106:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (3520), with no line terminators
Hash 2880fb8ad8aef32ea94a5dd2f15e22bb
eb4cc5d751fe833610cd78773273a8a6c822d8db
6d8627ffd9ee6177603d5badfceaea9ae613b29c9c4e705b553ba6354236e188
GET /css?family=Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 May 2023 20:19:41 GMT
date: Sat, 20 May 2023 20:19:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afuncan.com/content/themes/dark-grid/style/bootstrap.min.css
104.21.65.132200 OK 160 kB URL GET HTTP/3 afuncan.com/content/themes/dark-grid/style/bootstrap.min.css
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with very long lines (65326)
Size 160 kB (160256 bytes)
Hash 8cca3d0a5e74b43929b1a9cc9d719c28
0165da2a31456a32681a0769e6af537001413a77
9d5ccef11c5234683e4bfe39d86b125b5bf31e76b9f83dbcde8213a41e9d77a3
GET /content/themes/dark-grid/style/bootstrap.min.css HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: text/css
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"27200-5f8baff7f2462-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3784
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H0zPLju7vQ51qB9SK819X%2FByMyjktZLJYLnleDN5x%2FNkFScEFpa63ghuZN8ol3ZItFexd8EumR%2F%2F7BOD16dERolYvMHbZBusi4p4FakG1dc9%2B90yL3RCCr6js5Dkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a46b1efab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
afuncan.com/content/themes/dark-grid/js/jquery-3.3.1.min.js
104.21.65.132200 OK 87 kB URL GET HTTP/3 afuncan.com/content/themes/dark-grid/js/jquery-3.3.1.min.js
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /content/themes/dark-grid/js/jquery-3.3.1.min.js HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: application/javascript
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"1538f-5f8baff7f18aa-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTCtOuvSsBbF7Xi1b9K73OTfwmXBysZizLCpEz1bTZUi6SK%2FLxZ2j%2FDu5Grn%2Bjg2MwvJjVycIQZwkUzLtLNAZ6O9D7dzKoewKGoTOegSUUdIv%2BKkiAZOmITr4qJBYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a4fbcafab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
no.china-embassy.gov.cn/eng/zngx_1/whjl/zx/201704/W020210701350517969188.png
0.0.0.0 0 B URL GET no.china-embassy.gov.cn/eng/zngx_1/whjl/zx/201704/W020210701350517969188.png
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eng/zngx_1/whjl/zx/201704/W020210701350517969188.png HTTP/1.1
Host: no.china-embassy.gov.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
friendshipmale.com/sfp.js
172.64.141.24200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 172.64.141.24:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:46 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 4e2d46eb3896107c6d944ed86a4f327f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 20 May 2023 20:19:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W68X2%2F5UUDVrNxBD75SeA36%2B2rrpOXDmJFpT0qW%2FYXQPN2QM7MQycxuWFl9nL2cXfeTwx1wJaD38R1bk0jBkCqo9e187Q5Vg9nyqQ2hVOgRJaw0QxsFpjkUp6ZCgzBOxdpb4WyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746c418d148ac-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.65.132200 OK 52 kB URL User Request GET HTTP/2 IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEQSvA3W050C0GUjwQTIEEd%2BrQWjol08mxjVBNpLhIQX%2F%2FqW0zzOMJPTbe8th0FHXzA0O%2FaaOvq2ZxvokmHxcD0%2BZlLYHNEJXlktmhgb8kFuwhp5eJXpeqsrL9vixQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a02b55b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
afuncan.com/content/themes/dark-grid/style/custom.css
104.21.65.132200 OK 128 B URL GET HTTP/3 afuncan.com/content/themes/dark-grid/style/custom.css
IP 104.21.65.132:443
Certificate IssuerLet's Encrypt
Subject*.afuncan.com
Fingerprint31:FF:25:C0:A9:EA:4D:E5:F2:11:D2:4F:83:B9:5F:36:51:FB:4F:BA
ValidityFri, 07 Apr 2023 06:09:03 GMT - Thu, 06 Jul 2023 06:09:02 GMT
File type ASCII text, with no line terminators
Hash c10b867baea601010f1a5762ad6eac18
426570b563c428aef74592abb2ab79db60e3bf53
caf8fc9d4a3f5cad18b77f67bcee38802676b08fb19edbd5cef21493aedae662
GET /content/themes/dark-grid/style/custom.css HTTP/1.1
Host: afuncan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Cookie: PHPSESSID=qfojlgrporcvuo63mmt91tqoov
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 20:19:40 GMT
content-type: text/css
last-modified: Fri, 07 Apr 2023 08:41:57 GMT
etag: W/"80-5f8baff7f2462-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3784
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZ05uXz7TsL2N8JZ1W6uyjS9SQgcuYkqkCDPm2ExfmT1VcH%2BasJSBdzJC5tjHxG2ROkEhuQn7jWSFrEsbud1LLA179RwbkPrDeUtVmDA3lKtvGsnWjdwQfAi%2FB2FBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca746a47b2bfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/css/animate.css
172.64.196.23200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/vpn/default/us/android/black/1/css/animate.css
IP 172.64.196.23:443
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint88:10:E4:38:7C:46:CF:44:7C:D0:C8:1F:06:39:9F:7E:A5:2E:27:4A
ValidityThu, 27 Apr 2023 15:05:54 GMT - Wed, 26 Jul 2023 15:05:53 GMT
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/notifications/vpn/default/us/android/black/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://afuncan.com
DNT: 1
Connection: keep-alive
Referer: https://afuncan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 20:19:47 GMT
content-type: text/css
last-modified: Fri, 26 Nov 2021 11:09:26 GMT
etag: W/"61a0c066-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lz2hWc223j4ZI1t8LhDlVZTNTPrHs2Fn9SHxZPShaFzTGnyaFHcGMlPVWbiW%2BWQmbEUMGmzMbiWCPZExh5418RxB6Ob97ll7RAf8KnbNJMZvRs45ZqpqbJkxZEipc%2Bj7IBr7bcoFZlTJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca746cc3a147719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2