8.ki/
104.18.30.232301 Moved Permanently 0 B IP 104.18.30.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Sep 2022 05:34:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 06:34:34 GMT
Location: https://8.ki/
Set-Cookie: __cf_bm=WhGYSlV7pBYoZZIIgjhM6wG1.uleNNzJ0MfP.aFQxBc-1662701674-0-Ack/x0BSlmG+Xdiy0FLRWeD90OfByPft2sjftAnd/yhBBlj6I8OqxSN/4206pE77KDPZ9qWA2hdkri2wQInzjDw=; path=/; expires=Fri, 09-Sep-22 06:04:34 GMT; domain=.8.ki; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747d8e3bfed01c12-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14802
Expires: Fri, 09 Sep 2022 09:41:17 GMT
Date: Fri, 09 Sep 2022 05:34:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 05:05:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gBXd653k4PZjWHBbRFa3fgFvoOTH5OGrakdpb0-6yqitN4fBbGbM3Q==
Age: 1732
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SLn4RIGJ5Mf50UdCorR6Xx9ikzKWuyOWm03NPnSwRepKa5yXecm4xA==
age: 6481
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 05:34:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
8.ki/
104.18.30.232301 Moved Permanently 619 B IP 104.18.30.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (379), with CRLF, LF line terminators
Hash 13616c2c6ba077f899aacd1f33b050fd
3b9d83528b64713a0b6e49d11ad671cf60778ec4
406022e73baf6222b4ddb648afe0a260fc85e28cb868f19cfc33c13e63241857
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 09 Sep 2022 05:34:35 GMT
content-type: text/html
location: http://www.8.ki/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=; path=/; expires=Fri, 09-Sep-22 06:04:35 GMT; domain=.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e3d7cebb4f3-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 04:56:07 GMT
Expires: Fri, 09 Sep 2022 05:24:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5UANsXUkV7SmVmqwu5-vVURY0T4Zh80wAVH6BadFxRRelMR5NCbNcA==
Age: 2308
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4697
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:34:35 GMT
Last-Modified: Fri, 09 Sep 2022 04:16:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.42.74.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fQbGrkixBWaUJWxv48yO8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nNUhbfe8Tnp1NapJ91+nbAIYA14=
cdn.livechatinc.com/tracking.js
23.36.79.16200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash 0ebe64a35980438a128af11c3cc5a82c
45c52f8e68e16e55a4c5ed60d80c9d0fea3d3541
50f064bdb6c18aea63f222e99142e608ee8fa286a7aee5a98aed6a8cb42ed316
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 10:40:48 GMT
etag: W/"007b32487b3fb040f15d1ea195bd2acb"
x-amz-version-id: _xG88gXidICys4xDpATfRKLYWxJ0cOXw
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: rCIDsGz1IWzOt0inIrizkxmc-G1X4Z636oph3TF24EvY0Z1GexwSjQ==
content-length: 25650
cache-control: max-age=28800
expires: Fri, 09 Sep 2022 13:34:36 GMT
date: Fri, 09 Sep 2022 05:34:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12045183&url=https%3A%2F%2Fwww.8.ki%2F&channel_type=code&jsonp=__hojyrvq9e1a
23.36.79.16200 OK 269 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12045183&url=https%3A%2F%2Fwww.8.ki%2F&channel_type=code&jsonp=__hojyrvq9e1a
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 8ab8f19be0a12efaf116580aa42a8911
73f9ff192608f3901953bf8838e8077d4b019679
fded8cdbf1cdbf8cc18994b2325f5011d8d1c3d836f310841a873eb670f7078f
GET /v3.3/customer/action/get_dynamic_configuration?license_id=12045183&url=https%3A%2F%2Fwww.8.ki%2F&channel_type=code&jsonp=__hojyrvq9e1a HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://www.8.ki/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://www.8.ki/
content-length: 269
date: Fri, 09 Sep 2022 05:34:36 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12045183&version=888.1.1.396.121.16.1.2.5.1.4.17&group_id=0&jsonp=__lc_static_config
23.36.79.16200 OK 1.8 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12045183&version=888.1.1.396.121.16.1.2.5.1.4.17&group_id=0&jsonp=__lc_static_config
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (4640), with no line terminators
Hash d11e155bcb0f26b3ab70a9cc07fa791d
d41830ad1ae296ca55bdc238c3e0c70b9d23a4d8
b1a2f25f6f7e91971ccb6516dcd1170a1125fb193f3121d6f4515ff8563e2c0c
GET /v3.3/customer/action/get_configuration?license_id=12045183&version=888.1.1.396.121.16.1.2.5.1.4.17&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1755
cache-control: public, max-age=600
expires: Fri, 09 Sep 2022 05:44:36 GMT
date: Fri, 09 Sep 2022 05:34:36 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12045183&version=d4234139f0f2a5e50173b124f65938ca_d63b58209ac6e25af662767fb75ad94e&language=vi&group_id=0&jsonp=__lc_localization
23.36.79.16200 OK 4.7 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12045183&version=d4234139f0f2a5e50173b124f65938ca_d63b58209ac6e25af662767fb75ad94e&language=vi&group_id=0&jsonp=__lc_localization
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11963), with no line terminators
Hash f0c683128ab716f2fbd3f77f43d83e4a
a4333623a4699088ca0c59bd2ce0fffa42186110
d327adfd77774af05ec7f8981bf827a92b9a8456180dbb3cfb51ae66d79835c3
GET /v3.3/customer/action/get_localization?license_id=12045183&version=d4234139f0f2a5e50173b124f65938ca_d63b58209ac6e25af662767fb75ad94e&language=vi&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Fri, 09 Sep 2022 05:44:36 GMT
date: Fri, 09 Sep 2022 05:34:36 GMT
content-length: 4689
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=12045183&group=0&embedded=1&widget_version=3&unique_groups=0
23.36.79.16200 OK 2.0 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=12045183&group=0&embedded=1&widget_version=3&unique_groups=0
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4424), with no line terminators
Hash 6975fc9733be12516047d02256294684
d7d3d381d40b2fc3004bb3d1efbd9b54824466b4
4b673d4636d0081533e90b9bf9a9217d1405207d271aaeced82f90e59a3845d8
GET /customer/action/open_chat?license_id=12045183&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1968
date: Fri, 09 Sep 2022 05:34:36 GMT
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.96a16c18.chunk.js
23.36.79.16200 OK 70 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.96a16c18.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 4e94f8d92e0b5b5d837c91a71518ae93
3a901f88735fe470d89fabae6f6da1bd6ef57370
ad40d01aa34c47aa7e9bc7bf52adc65074e90e7ea81a3646ee536b79a278be8c
GET /widget/static/js/0.96a16c18.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 12:23:44 GMT
etag: W/"6a835528d087d08b1f0fe0642cb6d223"
x-amz-version-id: D3auGCHl.1EBD8fIsGg0TVEJ4vGgzVLu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 2Z3Jj0ChNSBBVMOnJi6CzXCHxdv4j89b_Ig-RZcY8UGtT5nFkSAmPg==
content-length: 69542
cache-control: max-age=31536000
expires: Sat, 09 Sep 2023 05:34:36 GMT
date: Fri, 09 Sep 2022 05:34:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.222338d2.chunk.js
23.36.79.16200 OK 134 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.222338d2.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 134 kB (134381 bytes)
Hash 15833ab236abbee9fc54fb7f73166b9f
27e1adc3a3c0f25d0cb79b561ec9fb658f922013
29286ec76a48a9c2164e7070bcc58a21a6a3c0f6477df1d0d7169d43c1311a25
GET /widget/static/js/iframe.222338d2.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 10:40:50 GMT
etag: W/"8aed37a370cde495e3ad2a56bc68002c"
x-amz-version-id: Zm7dFJHNhyR_7Soj8ZD0e520uRRz8f2v
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: -FUywuWfFex7fyWEhiDJqoacQOISn6YJ0cZNVdEQx3of7oPZmjdbAA==
content-length: 134381
cache-control: max-age=31536000
expires: Sat, 09 Sep 2023 05:34:36 GMT
date: Fri, 09 Sep 2022 05:34:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:03:13 GMT
expires: Tue, 05 Sep 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 289883
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:03:14 GMT
expires: Tue, 05 Sep 2023 21:03:14 GMT
cache-control: public, max-age=31536000
age: 289882
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 05:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12045183
23.36.79.16101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12045183
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=12045183 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8yctSfwO0JqEUFRk/xMPFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: S69zFO0yyUxO7xIiLr3h44kLvrA=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Fri, 09 Sep 2022 05:34:37 GMT
Upgrade: websocket
Connection: Upgrade
accounts.livechatinc.com/customer/token
23.36.79.16200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 736092363f6e0c9ce6927086e986c9af
ae1c8193a9ae293d531715e8fd07b16a553f13d2
b5f017ba4cc9a36f781acc548a3948ae98cadaecb1568f03fbdf08dda974f2e2
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Fri, 09 Sep 2022 05:34:37 GMT
set-cookie: __lc_cid=8b568675-62ca-4b83-6f4c-a51a4966cbbc; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 09 Sep 2024 05:34:37 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=8a100678355e8c77f498e94eddb6074eb290bf6d0fe757763434fb4d3e18ce61d8e6454b4e8c211229ab0320e4a6e4c4d78b0f7d2f75d1813337864a7e3a; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 09 Sep 2024 05:34:37 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=8b568675-62ca-4b83-6f4c-a51a4966cbbc; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 09 Sep 2024 05:34:37 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=8a100678355e8c77f498e94eddb6074eb290bf6d0fe757763434fb4d3e18ce61d8e6454b4e8c211229ab0320e4a6e4c4d78b0f7d2f75d1813337864a7e3a; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 09 Sep 2024 05:34:37 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1662701707&tag=a14bfbebda287d6fe1ab233b28673c0866644275; Path=/; Expires=Fri, 09 Sep 2022 05:35:07 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2518
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:34:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2518
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:34:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2518
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:34:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2518
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:34:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2518
Expires: Fri, 09 Sep 2022 06:16:35 GMT
Date: Fri, 09 Sep 2022 05:34:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e2cb929798304af6df37283057249ad
646332f967868d58c2afa6a268677b3ea717f4f0
d490b6d3c084c92c92f34007b7f254f7d815a16d2442bbb75c8bae437d3565e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f23cc94-7224-4460-ac1e-e6f178c3e961.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6348
x-amzn-requestid: 6b54628a-cdef-4171-af77-eb009325c973
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHDxVHZvoAMFpqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631919a1-40d667983dfd5f417f4ed81b;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 22:22:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: yFe_U0RoPs2NwEjNoiHb1WJorfK6eVyJIGlTL5mlB0pU1C-Yc78-Xg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:51 GMT
age: 64037
etag: "646332f967868d58c2afa6a268677b3ea717f4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 26962
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 356d258ee8fe7dd3a49d6e910ad4e6d1
69582548ae31d56ebd4a140e000ae6ab1a6a399b
32394386d1762e03f6ee1cbc5c6ed40a0a745745da646d8879fc8b59a089b887
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7787
x-amzn-requestid: 3dba260f-c87d-40ac-b840-ec3ce2f315d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRjNF5RIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a62e1-5e73894d42ccca495868d250;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:47:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ijCbDoTKkmXPqC1EGt5-ONwGWHMB83kluoTiIoGIDhFr6byq1k_QEA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:44 GMT
age: 27113
etag: "69582548ae31d56ebd4a140e000ae6ab1a6a399b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf8614d876156699bdf11897c45e9ae8
ff2c27cf141c68259e6e85020b01efc5d41730a6
c89d6a2fdc789fc725e8bac99774f9f9f0b22000f57d32f5611525bca30002d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F734c0779-c033-4fb9-aef7-ec81416744c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6365
x-amzn-requestid: dc414175-8174-4fa8-812b-1f72de48d5f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRBYEt8oAMFmyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6208-1c2417b120725a9a0642620a;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: lvOUBfECM7qlwpj9suDt1A4TRrvdYTsqOQGCNkf3pYYrIHHqZczRcg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:12:19 GMT
age: 26538
etag: "ff2c27cf141c68259e6e85020b01efc5d41730a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 3703
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:49 GMT
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
age: 28068
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.8.ki/static/js/739.fca1fba5.js
104.18.30.232200 OK 40 kB URL HTTP/2 www.8.ki/static/js/739.fca1fba5.js
IP 104.18.30.232:0
Hash c34e1fa02a27a709e8125f44656835a8
7d39720f434713a738b92bf4903f506b9176882f
5a5b47863d191a729bdf5971d5b4fcc5288898cfa2bf85706398e6cc832cccc8
Analyzer Verdict Alert fortinet Phishing
GET /static/js/739.fca1fba5.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-a259"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a9927b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/1071.ca0e2840.js
104.18.30.232200 OK 113 kB URL HTTP/2 www.8.ki/static/js/1071.ca0e2840.js
IP 104.18.30.232:0
Size 113 kB (113192 bytes)
Hash 0d802e3358b852b9d70a59db60931e78
efe2205eeed51086167314640ebe837644e8587a
4ca29cb919a2fe0c84beb742c066cec3026214a10dc5aa2429a862a40aeb2866
Analyzer Verdict Alert fortinet Phishing
GET /static/js/1071.ca0e2840.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-3a17"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a9922b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/d-AppContainer.b82959e6.js
104.18.30.232200 OK 205 kB URL HTTP/2 www.8.ki/static/js/d-AppContainer.b82959e6.js
IP 104.18.30.232:0
Size 205 kB (204594 bytes)
Hash b6877c185ec9160de24eba85a351ba11
3c1cdb91eeb4faebd2568b4a6df47fd29baae802
3b7a15a1712a6dbf9be4d6478f53ba703485925490c2bd64b1eabf07b7f9b7b0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/d-AppContainer.b82959e6.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-1f54e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab958b4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_57.png
104.26.1.241200 OK 122 kB URL HTTP/2 csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_57.png
IP 104.26.1.241:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (121887 bytes)
Hash 4ec895f83977b88a565e68c0979c25bd
4cb3f4cd7a4fbae90f0acd6b4a3b54dc13cf9988
b8fb34cc01183db744db27557333cdded55e6a1def0529784bd2ae4d30b4e0bd
GET /img/static/game/en-US/AE_GAMING/aws_57.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: image/png
content-length: 121887
last-modified: Thu, 16 Dec 2021 04:49:33 GMT
etag: "61bac55d-1dc1f"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 52117
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USDi6ZjcfkJh7V9mpTfZZCYQG%2FuY9QpjoOCsqgjFzjI5ZshutnqnEYuPrkyYf5JMdalAojWv%2BScMDJO7QAljPHvpimvV9QtieslZ2SMTOyc%2F453n4UKDXEzcb7NpLK6WWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e52b938b50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/3140.3a0cd49c.js
104.18.30.232200 OK 128 kB URL HTTP/2 www.8.ki/static/js/3140.3a0cd49c.js
IP 104.18.30.232:0
Size 128 kB (128367 bytes)
Hash d3b2afc74b9eb3c927b9a900af73950d
8f7f3959d181eec0dea4c881c51b0e8eeecd18d7
d92734703874ccdaa3372ecd5233dcd8a8abbed678e7cecb8c7c0e31d04db3e3
Analyzer Verdict Alert fortinet Phishing
GET /static/js/3140.3a0cd49c.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-36bb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab956b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/8000.95beec0d.js
104.18.30.232200 OK 157 kB URL HTTP/2 www.8.ki/static/js/8000.95beec0d.js
IP 104.18.30.232:0
Size 157 kB (157034 bytes)
Hash d7ab20802af68c1373094e50c182518a
ce95a65ff908f1e6c46fb136a17e37c6d2af032a
2dabf4ebdb343117d2f33a89abfd0005210a1850d9fece76301012cd17edc36d
Analyzer Verdict Alert fortinet Phishing
GET /static/js/8000.95beec0d.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-6948"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab955b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/static/stylesheets/1272.56fdbeb7.css
104.18.30.232200 OK 55 kB URL HTTP/2 www.8.ki/static/stylesheets/1272.56fdbeb7.css
IP 104.18.30.232:0
Hash 65ed6d40335a754fa54b5e82b4665c54
61d0a847c8de6de10fbc8bc347f312c8b514f301
4d2e025e3ba8a29914e6aada950253a4c136c3860c2493fcd873decc5d8b9d3d
GET /static/stylesheets/1272.56fdbeb7.css HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-84fa"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a992ab4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/home-footer-curve.png
104.26.1.241200 OK 8.8 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/home-footer-curve.png
IP 104.26.1.241:0
File type PNG image data, 3000 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 1bdad1114c35fc6a4819171474517d00
5d86f3e123d1056f15cf84e36d1b6c3d2d238e4f
cbb7feb9b257a9ddf504b037968369ce344df47edc382dbbdecbc27fdd3c9399
GET /img/static/desktop/home-footer-curve.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: image/png
content-length: 8804
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-2264"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCsHcs3j9wkoqhW1X%2Bx7hOUpGV1Ows%2F5Mul4qLbCaFpZ4I5efDbW9oSbUZ00uMtud9PSJupFk%2FgndgQPSC5eN0r%2BJGUSlbBvKnpbtLPwI0S1c%2BEi8Qzj5swqLBrgGobgOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e52d959b50f-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/settings/activeshortcuts
104.18.30.232200 OK 6.4 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/settings/activeshortcuts
IP 104.18.30.232:0
Hash 9a5f4d2e4a7648758139fbe7fd6837c7
5d302c12fefb9004e382f35d0fcb8fa66095644f
7cc06b0ce16a0a245220236d9790fc1804261d38499785026c3e7f5d69dee5c0
Analyzer Verdict Alert fortinet Phishing
GET /vn888-ecp/api/v1/settings/activeshortcuts HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=VR3O_RCj2Eh_XsTBgy45jKsutJDGw0CuraDvLGpOFVg-1662701678-0-ASs2uZW3skpMY/Vd2TZpE2gsfszYlzIpjHFLbxDXWpQs+LLmTkHHZzCaIDlmRg8vPBn6J9IwkpGMaOxEKqX2HzE=; path=/; expires=Fri, 09-Sep-22 06:04:38 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534df21c02-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/vn888/desktop/payment_icon/mb.png
104.26.1.241200 OK 4.9 kB URL HTTP/2 csi.20icipp.com/img/static/vn888/desktop/payment_icon/mb.png
IP 104.26.1.241:0
File type PNG image data, 150 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 83cf0e6c6279d9639d671af25461c8e6
fd0a41ba6cdc6900569c48c51b0ee9b1994a137a
59945404b161a5da43667c91728e4c9e063e6f47e7642ad67f4905f9ae0f33ed
GET /img/static/vn888/desktop/payment_icon/mb.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 4885
last-modified: Thu, 16 Dec 2021 04:50:09 GMT
etag: "61bac581-1315"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGezZym9IcMeYOFUX%2BSyef8kKvJKGFN4Rlubr%2BehYAKU7sGvEkVuE4VXtTxV%2Fskpb9LK8OgK5uwXMHV9eRWDl8iv3PohSG6z6E05upO07dzUqotDYRwG3rhL5U0dHW5L3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e567cb8b50f-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/staticpagesettings/SignUp/orders
104.18.30.232200 OK 6.3 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/staticpagesettings/SignUp/orders
IP 104.18.30.232:0
Hash 63487fc27cc08d9f3f2a8431fa0d5442
4d12cacc60f15bc2ace6f83c1d4b5750881eb7e3
a3f32ec9305d6426c0dfe0f496b85f6b6ac5861415e84884b935df0f6757091b
Analyzer Verdict Alert fortinet Phishing
GET /vn888-ecp/api/v1/staticpagesettings/SignUp/orders HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=QIBcfBvpLw6yo7RsZzl9JhegQoIcR652Hb2pjbC89a4-1662701678-0-AdhlfNOBB2FC68u6M8oBsh1pRIDC7SawJ+b55nwPGrd2eNwTm30R95i17brMjxxNOT6KbpmpZBTyiRl4jgnK7r8=; path=/; expires=Fri, 09-Sep-22 06:04:38 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534df41c02-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/8820.b838a408.js
104.18.30.232200 OK 18 kB URL HTTP/2 www.8.ki/static/js/8820.b838a408.js
IP 104.18.30.232:0
Hash 85d1c1c2e1e9747e0c2f44854c53ba84
ebcf7df7369c8d2800458978aa0d388f6be112d7
e5d7ba8e614add808e235206c1551335e5e5c4c7c45670fdc9a9d9762e894ef9
Analyzer Verdict Alert fortinet Phishing
GET /static/js/8820.b838a408.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-7672"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4aa945b4f3-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/dashboard/displaySetting?currency=VND2&locale=en-US&platform=2
104.18.30.232200 OK 5.9 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/dashboard/displaySetting?currency=VND2&locale=en-US&platform=2
IP 104.18.30.232:0
Hash 080247eaba10ee3830c94acac7e917ef
06a6f3c5e55fb79da788c556224dc6e7f7486222
2a81a0a0ffd1f360e504c4b99d5bb7c5a6ca47e0a79d8bb89f601b244fbc3606
GET /vn888-ecp/api/v1/dashboard/displaySetting?currency=VND2&locale=en-US&platform=2 HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=_HtRoPU0CihF.PJ2WXVfpuB5oNx1N3g_a0IjRWlSVcI-1662701678-0-AZlTJ2FJSkzigC/hs6d3xTzPlTVz0FkOwwpOchzUlAPjb3DaSIDHW9NfpcY31P3uceJHqCAJa7IjVBjodrdbAwY=; path=/; expires=Fri, 09-Sep-22 06:04:38 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534df71c02-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/yd9779/c-ul.png
104.26.1.241200 OK 8.2 kB URL HTTP/2 csi.20icipp.com/img/static/yd9779/c-ul.png
IP 104.26.1.241:0
File type PNG image data, 1100 x 294, 8-bit/color RGB, non-interlaced\012- data
Hash 368fe370d80924220a866cb5bbe35655
4665ee6f394b6ac8987f660ce49bb10546652c9c
65a86e0af2906f7382fafd569d6f91f8f594bb36bf941732a5f04e63eb9d7096
GET /img/static/yd9779/c-ul.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.8.ki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 8183
last-modified: Thu, 16 Dec 2021 04:50:10 GMT
etag: "61bac582-1ff7"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5UX7%2FXTvV1GC67dseQVmbIQuo7yHs7UWaiXELAztOPs4wA%2Bxd0einrM%2FsK2HTJZpQwl5UECvkXaX3ynU4DYdqIDbHxi8OgsXB%2FFCXZm9DBbs%2FHVFUzhOkHzbAk8KASSjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e569ccfb50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/2593.3dc2d719.js
104.18.30.232200 OK 126 kB URL HTTP/2 www.8.ki/static/js/2593.3dc2d719.js
IP 104.18.30.232:0
Size 126 kB (126136 bytes)
Hash c803a5272ed0d0fe791f52f8a866eb5e
fc024d9b988ab3eb9b7ee742649f788153e5ca4c
79d52e9ea443b05de808eef5983c4f62ba239ea5284299e07ba938cdc15a5ee6
Analyzer Verdict Alert fortinet Phishing
GET /static/js/2593.3dc2d719.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-6be83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a992fb4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/yd9779/au-ico.png
104.26.1.241200 OK 1.1 kB URL HTTP/2 csi.20icipp.com/img/static/yd9779/au-ico.png
IP 104.26.1.241:0
File type PNG image data, 32 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 75fa341ffd3e5842df0acf663b29a2b3
f0b95ea41e50ff1f17a5856cf66e1148a62fc25d
5bc52ae7f1cdbebcf3a6f49aa231771f7a7e74762e5b5f3ecd772b597bc0e614
GET /img/static/yd9779/au-ico.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.8.ki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 1148
last-modified: Thu, 16 Dec 2021 04:50:10 GMT
etag: "61bac582-47c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xf8pj%2BM84J%2BN4AB3nXnV1044WFzbVEJTw78Kc5Vbw8KULW9%2FpqE9hpfijinUXby4tM%2FiUX9vzZ4xG8LVMwPMcYxw3eROFZkS%2FoKNt6yVhGK6b%2FnfXOYGaos9lgadxHH6Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e569cd5b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/yd9779/c-btn.png
104.26.1.241200 OK 2.9 kB URL HTTP/2 csi.20icipp.com/img/static/yd9779/c-btn.png
IP 104.26.1.241:0
File type PNG image data, 200 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 297dd20b3e1dec93aba22e88c2e85ec9
644bf435dbc0ffe39b3485e1c2c0efe9d839580f
d70eacb5876c42c1bfc96b5beb32e92132ce3db569202e0c4a507b493880135d
GET /img/static/yd9779/c-btn.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.8.ki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 2908
last-modified: Thu, 16 Dec 2021 04:50:10 GMT
etag: "61bac582-b5c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apbnkcsRiy%2By%2Bhtk9az%2FQ510ilI7eovKIXicKEzOXDzmZS3noVJYieTNZ8dtdJZqXTJZ2kHvHU0SOUdAI%2Fm5XxLYJprG9OuSfYS6SrEgaf6qa0wbeiCmIARk%2FfyjZVpZ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e569cd3b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_82.png
104.26.1.241200 OK 149 kB URL HTTP/2 csi.20icipp.com/img/static/game/en-US/AE_GAMING/aws_82.png
IP 104.26.1.241:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 149 kB (149068 bytes)
Hash e5a3ad756096f391aa5d2e050ad5c45b
f4dcbaad8b86b0b08df1e1730be7950cd7611d33
aff37d29cf450919ccaa82344360f26052fedbbb496551a5a93c3ad431fe31d1
GET /img/static/game/en-US/AE_GAMING/aws_82.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 149068
last-modified: Mon, 16 May 2022 02:49:18 GMT
etag: "6281bbae-2464c"
cache-control: public, max-age=31536000
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtlxS%2BMw%2BtkIgU7kVdh29CKg6BGPWSZ8cUaw7dRWGKuhgjcBHAZTsGTvAQPleeGA%2F4lOFr0t7oEKxuqvkhn8XdQG41t4Un3wpJHLdZxON3aTS%2FlhbtQk7kOcaUCDuIxOVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e52b93ab50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/brand/vn888/logo.png
104.26.1.241200 OK 106 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/brand/vn888/logo.png
IP 104.26.1.241:0
File type PNG image data, 633 x 211, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105792 bytes)
Hash 0e7d49f313342aebd883c9103ea3df9c
936ae4765edf183fb1cd5786c6a6004f845dfd47
272f1935dc391e83fa450aab45ba62f60680767157d92d1d847640055b472d36
GET /img/static/desktop/brand/vn888/logo.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 105792
last-modified: Thu, 16 Dec 2021 04:49:30 GMT
etag: "61bac55a-19d40"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxlRKKp%2BI8qmLjxoEzJtpgaRFC2v2VYiUIjdxdur70hZiwnJg%2B4TL1gl%2F6Ru2f8CEacifkae83dyrRhjz7mWcYWRyfdHHrbsj9qRaktOH6cEMYAHxjAYP3yL7ONTQnbO0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e532994b50f-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/gamesettings/maintenance
104.18.30.232200 OK 41 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/gamesettings/maintenance
IP 104.18.30.232:0
Hash d107a7f77bfc47b488dd3d424a4deb5b
be9d6a8cc63abf62688e595971537f9beb4ae9eb
c8865f9041f9b4fdc392a531eaa5ee2812315b038b2c28272a9cd96521084796
Analyzer Verdict Alert fortinet Phishing
GET /vn888-ecp/api/v1/gamesettings/maintenance HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=FVYCxC5bn_1nN7ch3XN1Au_jWSV7cu.sSTayD6aWZdk-1662701678-0-AWvibKYTsNiDxSkOex08VSk8RjFQh2zS1yqvapopgwNG1BEPT+SXAGERx53p0teKhrvYb7N3xc/he2FZj3iFLrQ=; path=/; expires=Fri, 09-Sep-22 06:04:38 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534dfd1c02-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/yd9779/new-img.png
104.26.1.241200 OK 26 kB URL HTTP/2 csi.20icipp.com/img/static/yd9779/new-img.png
IP 104.26.1.241:0
File type PNG image data, 294 x 238, 8-bit colormap, non-interlaced\012- data
Hash 103415af4a3aa3a189cd25fba5f2ec00
39e5373aef733e57a2fbb2ce86cfe9f32b638dc7
c29d9dce39073c32389485dd2da5809be6e7add4370a31e61c18c07b6b584956
GET /img/static/yd9779/new-img.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 25881
last-modified: Thu, 16 Dec 2021 04:50:10 GMT
etag: "61bac582-6519"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwKC3GVcfFoxfmBM4jplGFf5Lkkg0%2BkBzKBd7KeBhBJ%2FlCwRElsfDAOwKths9j3HycuHfw3cUas%2FDnGNX9889WKMTlY%2FU6Ix8IuEQ6hgvbOVE0IRu1kiCZClanYBmQrT5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e567cbab50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/yd9779/banner-bg.jpg
104.26.1.241200 OK 26 kB URL HTTP/2 csi.20icipp.com/img/static/yd9779/banner-bg.jpg
IP 104.26.1.241:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x685, components 3\012- data
Hash 7bde6521c48808cb516149534a64e07f
a209d75ddb8664522567dc1cfe19c1f7385c1694
388a12543034742f9815cca1148711f3baf5e3f5b9c1fd9dabbaee672c52369c
GET /img/static/yd9779/banner-bg.jpg HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.8.ki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/jpeg
content-length: 26129
last-modified: Thu, 16 Dec 2021 04:50:10 GMT
etag: "61bac582-6611"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzn1ZgLjZpk04LueRGAMUogJle3z8ZODcK38sOR8zUpAeBQWD883qJ2A7irWuqTaqLRIpagOOcixdQzd6olgadfjoBNcVLjqJQ5xUpmZDKpdS1VMfKg%2BCiy41JwAs1QdIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e569ccbb50f-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/register/setting
104.18.30.232200 OK 48 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/register/setting
IP 104.18.30.232:0
Hash 86c402a19b8da95a62dc5ec8208e8687
5d9bc0356c95671983cbf168737c18dcf5f22b15
08d4f3df8bda4bfaa534594bf8d58314461eefa8ce1cc534271f7dcf19133ca7
Analyzer Verdict Alert fortinet Phishing
GET /vn888-ecp/api/v1/register/setting HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Kj0eDjx2UBLoT.Ndd3TsrSTjdLUlzFRvkP3Bs5eqFwU-1662701678-0-AdVf6Q+UIWnejkGmNN1x9hLsZDK9MS+f9rXeTVHEoA5qlkCV6fhqprEyBoGAQVy+ThIR2vKJmpm6+deZCnDJ/Ok=; path=/; expires=Fri, 09-Sep-22 06:04:38 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534dfa1c02-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/yd9779/c-li1.png
104.26.1.241200 OK 47 kB URL HTTP/2 csi.20icipp.com/img/static/yd9779/c-li1.png
IP 104.26.1.241:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash c068b9c8e69e60a0031d7f48876dc20b
f4f76a213927551661f58c9496cb9bbead5ec8af
736b4eea4334c182ed010578d7fa900dc252b25c449f20e02f1b6e60233d2af9
GET /img/static/yd9779/c-li1.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 46880
last-modified: Thu, 16 Dec 2021 04:50:10 GMT
etag: "61bac582-b720"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDZeG8gE%2Bd2nmuns310K1YdInxOkz%2FnwXMKiofYAINfJp3MV603kVAy5qRby3KZDQub8ajlUCblZF4XTxzl9bZ%2FiMfI2y6PEYYbVeGZEcbfOq%2BGbhif7l1tgBV48cDjvxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e567ca6b50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/3151.b912e2d0.js
104.18.30.232200 OK 54 kB URL HTTP/2 www.8.ki/static/js/3151.b912e2d0.js
IP 104.18.30.232:0
Hash bfda8e668a823abf789b4749b152b7f3
1d00441b0114f760a2e2a968a580ba8cd6ae3213
aec7393cb0fa754899848f52a980a1a0f3ff9f6072666c9b8a6cac9629e16cfb
Analyzer Verdict Alert fortinet Phishing
GET /static/js/3151.b912e2d0.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-28a3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab94db4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-undefined.png
104.26.1.241404 Not Found 23 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-undefined.png
IP 104.26.1.241:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2c15935c61307e38690bfc4e3a4f833b
488bb40cbdb7ddca7b90d3e53fbac26b86e184f6
b765c78a1522da8c389eca6cdd951e34d1794272f97189365c9191c4516e8753
GET /img/static/desktop/sub-menu/sub-chess-undefined.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLyk8nAoQb3W81taEvTXsVlCHTC3NuaBj8nHjxij1cQRmsXd1DBrlj2rYWqUwmJTmjxfEZz2jWtQFEmRFhs8ILR01PKTYbGZsbv63FsPTxxmLOIPJG9I9CT%2Bx0y1cpPkFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e567ca9b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-mpg-jili.png
104.26.1.241200 OK 35 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-mpg-jili.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 30d595de60a6458380f028fed828f30d
44ddd1ca30f7035f84791a7c1fd40efc00e0cffb
6c5810a17fc0813cc04160a71a119ae6165c3601edfd1ea9754d6e308f0b7e25
GET /img/static/desktop/sub-menu/sub-mpg-jili.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 34783
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-87df"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io1xYWKWGEJ%2FMyhMg2hRe%2Bj9U5vtbbuj3dqicC9YZOX0IZdHO%2BEa10LgfkHaSToepT8f8R76uMvJTRyaN4rsrAi1FpMiNdvqcqwnO1ocYQwDEpIFWXvcokntM8eDVZEMVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ceb19b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-jili.png
104.26.1.241200 OK 38 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-jili.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 47bc4b651817e648050e9c9c8e723b5d
30ba297772120ee99eb464b5028113088ccd9a48
a209bad3860bdf9976ba48c26d7288881fd241318448f932058cbb07b637a2d4
GET /img/static/desktop/sub-menu/sub-chess-jili.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 37727
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-935f"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhNYWeikgRwLA%2Bfc%2FtlO050z7VArZyTHmrqpptUmBr8EanA6X1vNpyZxbW0BPYKx64tE8Ty0mcwWPJWQTSNzxIHBCNQxMmEbW0352zHzYc3VE6FNJkhycf92waY2tPFK%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d1b5eb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-spadegaming.png
104.26.1.241200 OK 32 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-spadegaming.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 00dea20463adeed4747549fc0b26e75b
0f3054c7c87f5c2c18321202bb8aacad90ffe0b1
3d1ff326ea25fbe0d471c718f68e6c8e30c571a9ce03e83b96e4e3121b0619b2
GET /img/static/desktop/sub-menu/sub-chess-spadegaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 31744
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-7c00"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CNH5VE6dPnavttc%2BRRw7D7kTeZ7DptR5G3n233IJov8pHTcrc9U%2Fv6ALMEYs%2FixNKOpQR8arEv3QmKeeH%2BBs0JgFQ5F5r6XgYh3iGJ6HOh5rGohQMgfgtvWT40CN2nxcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d1b64b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-pt.png
104.26.1.241200 OK 35 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-pt.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash d1360dcb04449eb5166f10f4a347c096
b7aeecccda8d95c35bee191043a00fe8e02476b6
e50ca71ceac05f69a332feaae7064f9c70d3e6eb08f206e037fc829c6bf2def6
GET /img/static/desktop/sub-menu/sub-chess-pt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 34578
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8712"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKHZiZj6cC9t62yqPhbWrD2ioh5yzb6L6CUe48wtvvsn1BWQqyhKjeiJEswIgKHB1wKzDXxALJxCXqPX8tm8jYM3L%2BYUdEyPsHxAaAswNwzDaXPbEb6OzUIYoysWaHZZTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d1b62b50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/6655.a5341bfc.js
104.18.30.232200 OK 40 kB URL HTTP/2 www.8.ki/static/js/6655.a5341bfc.js
IP 104.18.30.232:0
Hash fdea818730ae972e7a29be9f9dd71394
b8312ef0d0528d41b1ed6116eeed739eb1db7a07
21e0c13d2522d32bfe37aac28d8715f7c054f6838c22d6caf8ca2415d21faf94
Analyzer Verdict Alert fortinet Phishing
GET /static/js/6655.a5341bfc.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-7235"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab949b4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-jili.png
104.26.1.241200 OK 36 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-jili.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash fa8d9cd9cca8b408b3b22a30f0f2eb5e
bdaf008aa032c208ca36ac9b7f776edf21317c63
17fd9f754c0cfcf9060d8bf1c8f8744c33b164ccbf09d2abbf891506f8b95e13
GET /img/static/desktop/sub-menu/sub-egame-jili.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 36511
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8e9f"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nERT%2BLKCEdha7SMy8Uo1oqzRvHsGfp2KGnMu%2BLAEV9lgVq9OjLshI6QnXZRDYGb3IoJJKYkgr8CJDaVCzplX4pGYuhI5ZcW942Vm8ZICar1k%2FaCe7ougzcu279lKUXyhWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d3b95b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-pt.png
104.26.1.241200 OK 39 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-pt.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash 40b8f22b6422c122db4c28ef6bb3cd0c
786507712fe5a9c5bcefbde9327b89941d2562b7
e86dbd507412d0c08e2cd8df8cffa0c4f38ef2da1df5437e5d1db71d8c6a7ae3
GET /img/static/desktop/sub-menu/sub-egame-pt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 39150
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-98ee"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJdTmFJDSOYsAHh06ozUWTz4d1tqFfsvolRDuyuCM1GbWEHaCYEBGDbSDjOLOVegGopo%2BKKiFwNU92hi64DZKgmppsnTBTdKr7SlsBc%2FNMF7j4GM%2FBSx1AAajQ2G%2FqRatg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d3b98b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-spadegaming.png
104.26.1.241200 OK 35 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-spadegaming.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash c4a3f96b78b8c5aa3fef8f41fd0badaa
a77c22261bbb00df4aa0c9ae179a49887bb42c4e
c2c7cf2ae68e48da795d512a48be515bc591b3eb1978414011a2e62edc3682ad
GET /img/static/desktop/sub-menu/sub-egame-spadegaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 35390
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8a3e"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75eEo%2Foy0KGeAG0wSqB74iyDtWC7ERq9yTvC%2BPo3rVV46Z0oiA9a3yEWCiNkehYvHq8sNwZ%2BpdD%2Fv%2FLvDOsBYTDLU7hcps4GPLhyRiC5%2FKRAUUdDN4JTHZDuQIEzLDpF%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d4b9eb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ae_es2.png
104.26.1.241200 OK 38 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ae_es2.png
IP 104.26.1.241:0
File type PNG image data, 351 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 12009ac54c7be9edab54ddf9d09de8b7
bc9a318d1c64c16e18312e3b94f6dc5852c2b0ca
8788ef21ae4f14cd4eabbed54386430c509ed3a7ff207f6b2008e8ea179d0b0b
GET /img/static/gplogo/h-dark/ae_es2.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 37984
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-9460"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfQD74Drvd9Wbhz%2BcIo4EGiVq26HZJUrqOwoniHFjVsu8%2BH1qOpmMVpWuy0wiEmYL0A16HZD5RRt14yvS4N1opPP12RA7NX%2Fdeh19v3hZLYC%2FqFPnnbnoLkkA8XUqhvvOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d4ba3b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ae_gaming.png
104.26.1.241200 OK 44 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ae_gaming.png
IP 104.26.1.241:0
File type PNG image data, 342 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash b013c667b749030e1c132456240d5ea9
12caf7d911e0799bc38fe4d0c7ed4fafdae69f77
44c1084abf3157bde9fc5850a98edfd4c02a5823bdb36017d65ce0656e7d3e0b
GET /img/static/gplogo/h-dark/ae_gaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 44333
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-ad2d"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsDs4u9JJ1S6CfwgybdHCHGo7GSkB83PIkahBgF4nd405gh1U8heL2oW3D65XxSMnQAwWk7Tw25j0418DG%2FyyL0ndZ8uHmsgPiVDfNT0qRqVJL7giAvjCNJ9cCaGxXTneg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d4ba7b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ae_play.png
104.26.1.241200 OK 39 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ae_play.png
IP 104.26.1.241:0
File type PNG image data, 307 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 6250e3b089cbc41552cc5481f85094de
821a4f5c563652fdb8449b265aeae9daa39ac8b7
fe969770bfb81c2b49422b55eeca2b589725603b9cf796b39516480b7afd2250
GET /img/static/gplogo/h-dark/ae_play.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 39432
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-9a08"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62lMoP9XUjetUgXtDFPxjPYcMjc1Tmu0Quc7zpuuJNK0I2p2g8WKIqRyWW9jKq2UHL22rJsrYmRxF4Wj8XjqcGF9UVutnZGGUFkj7K8m%2BlA98xeMnfFyiDEtcZDnJYP%2Fkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d5babb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ae_lotto.png
104.26.1.241200 OK 32 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ae_lotto.png
IP 104.26.1.241:0
File type PNG image data, 285 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash b93d3e51024affbbb81aa2813d11244d
eb0ac6838f17ad0d174f2ec9c80f4f91ef917cee
67276e81f9aecb007be21e47d884f0f963725276a1c4c4c40f22414c8fcc3fd6
GET /img/static/gplogo/h-dark/ae_lotto.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 31735
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-7bf7"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBs8mkVCS0Axhw3LzajM0bqmRas1xE10Ie9VMbnr7kWXO%2FmuboQH%2B1RWC8ZeDT%2FoS9tUlRSlviNBPg225L5OIt3U39syjlViQhsu4Nf%2B461nffZTnKpOLuAu4%2Bn%2BIkQN5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d5baab50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ae_seven.png
104.26.1.241200 OK 49 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ae_seven.png
IP 104.26.1.241:0
File type PNG image data, 326 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 79b48a93271de2e3d795436338d8b09f
85f00a5d93ff35b8dfcb8e9798cfc8fd46d83777
d880a5d390acb41a61f5299d18f3638d8cb3bc4ee2530a9f9d12a3e7abc71860
GET /img/static/gplogo/h-dark/ae_seven.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 49185
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-c021"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thk9P6xy0boyaL3aYFX57ujVIl9lGzs4pbq5DqgxU8UMY9NGq6lSjC8ksrOeQnYrlX6Li109AMGmjAwr6dkVWX04FD7PC9NZH1Av6QWN49nkt6RfXMqOAlyi9yHtoZOZSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d5bb4b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ag.png
104.26.1.241200 OK 19 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ag.png
IP 104.26.1.241:0
File type PNG image data, 340 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash c82c3b733ce6875b666626f4fbc8b81d
7242d9921a4e065ebc7565dbed578937339ce097
ab198a5294e90a9f53285ac68b0c3795004f0f77b1147c0c086fd07cf1aa42cb
GET /img/static/gplogo/h-dark/ag.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 19401
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-4bc9"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKM%2Boacvp0p9XdExbKO4c1GlRv846t4Xn7kZB5BMn6pxX%2Bw9EB4WhziajVcapdBfsGQRBBQhfceAmk5Db6r5o024FwmkhH2bfPgFE6tlFdMPMtqycK7%2BuGErMwTNoJ5lpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d5bb9b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ameba.png
104.26.1.241200 OK 10 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ameba.png
IP 104.26.1.241:0
File type PNG image data, 408 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash eb883d9862c6e6f57caef8f8187aa3e8
25f61111da76cc08afe0b445279c4473979a3040
f81c1bf4e5c5552290ccfe3b3bfc114bba12f04da75535f9627b4bb4b68e7e5d
GET /img/static/gplogo/h-dark/ameba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 10547
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-2933"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gSulSdU4rObMhLS1jA%2F5A17oy3Vqu7NXVDG9qHXTXiOaau2JTy32sqx7yUD1iWf%2B%2FyTidcsyiQWs1ftBY4OtgNZi3y%2FUBMZ0G8EUdctOb0B5rXOdBRSWbWPpIONngSTng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d6bbdb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/allbet.png
104.26.1.241200 OK 29 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/allbet.png
IP 104.26.1.241:0
File type PNG image data, 260 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c87810ff8a3d5b97adf1a5735e67ddf
72e5d46410bad5493be799f32d184b859896edec
90e182bc6f9ee8c6f7ab57a17a6e8b97a719879e905eb1657eae7d85f778d04d
GET /img/static/gplogo/h-dark/allbet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 29434
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-72fa"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XonSOP2QzAwYbGokon2a84xRrUeeIXChwoscSqqwEyRdeODHyBcqQKhGKCsI%2FFclEu7dgcGZxcvX0%2Fhur8wU5l2s5eLv2mXaRr69AereB7yF%2BcZcEFR57osAajq28V2Zcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d6bbcb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/card365.png
104.26.1.241200 OK 57 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/card365.png
IP 104.26.1.241:0
File type PNG image data, 259 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 7afc771ec1f9d9a512ab2c4d4fb351cd
c75315214484f7ace2181316a02b0449956a6691
d24f4304eedf2f709e97ecd68e2e510446963dca295d9976aafab48f456e67ea
GET /img/static/gplogo/h-dark/card365.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 57316
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-dfe4"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpzBmV3y1y4hyM0dBcmFp3OJDjMbA2%2BE6%2Fvy8pO4w%2FJvFxTnSrUDRoBiNNrRp%2BsMoz3myGS8SFK%2FH1BLSz63SJE50qxayGuy2A5%2F2XT2P4Sh30f70YRQov78fFLN1Cy8sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d6bc1b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/bbin.png
104.26.1.241200 OK 21 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/bbin.png
IP 104.26.1.241:0
File type PNG image data, 282 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash e761360ce63c302924215be7fa772298
faff15640c9cc757849ba79cf9ddb40ce38a6daf
53b8dbb356cc7d63c076467d391ee118ec8327c913349fce319a914ee5f7fe02
GET /img/static/gplogo/h-dark/bbin.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 20927
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-51bf"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heLn6VFSu9Y7hfUxcJq%2B%2Bj9viVH2cW8Jb9dTDy7%2BvupFm52OfAsXrfHdJsVjVFB7IvY2r2hmFryjhEU1xoMAEWBhkoiPLpu16bbZmlV8MmITjJlkbhI6dwPWe2MMSkO%2BUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d6bbeb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/cq9.png
104.26.1.241200 OK 21 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/cq9.png
IP 104.26.1.241:0
File type PNG image data, 269 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 1031f81b2faa94ef0374da5fcfe65eb3
ee7958fe63d3180b366616d2f2b5c3dada7627a2
1bc7ca1a7d7c719abfaa1a668ef749b5e8c320c47ff4c4f716a29e62fce476e3
GET /img/static/gplogo/h-dark/cq9.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 20604
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-507c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7eo2HqlA6%2B6X9JxDLGw2jSbPpm3Fx%2FwwT%2FJ1rOkvPvOhXs6UYbMdiU87BMDacH7CRufuAaNd9Xv7JdkqT5lWLpaEtfCO4zmCv7CgoJe5Ei7w7ejAJ9a44wjUcUR85%2BN5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d6bc3b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/cmdbet.png
104.26.1.241200 OK 19 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/cmdbet.png
IP 104.26.1.241:0
File type PNG image data, 340 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 8948cfd9ea47d72640c69289e5b6653a
b749bfc1536802a7729c21d95182bf53c6e84813
22c20481be54e176edb6874f7a10c848376aac6a78b2a4eaa3a97697b9ea0fd3
GET /img/static/gplogo/h-dark/cmdbet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 18927
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-49ef"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2E%2FQLgjRSlxX3uGDCbobIcoyFz1vcvIVNP%2FpUowpXnsPwUZwwPzGb8mXiwFmmM7LSv4G8fOVEvnEKwSRLTJPd5Syi6D6oj0786IHKAaXHzyhbXiIf9oFfVOh5kbgBf5V2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d6bc2b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/gw.png
104.26.1.241200 OK 25 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/gw.png
IP 104.26.1.241:0
File type PNG image data, 254 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 70f7d585b7c3e5117082a612eabed48a
64eb6337ff8db594692828d7d1a3202e3cbe8e27
f3bb04605d2a1764fd47a32d7fdf50d041d34d179f3500bba9b3f444d955227d
GET /img/static/gplogo/h-dark/gw.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 25080
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-61f8"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SHi2PGG2mZsK2YbejDydDPZLufPPUxRvf7kCy%2BwXHLodFsYH%2BuneQRgfDwedOX8iiajz%2B8Jjypn8bHc6xOzL8m4xJJ4Kr8EmeCiokSrOTi5lFcEQjUold361rbFfsqtcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d7bcdb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/jdb.png
104.26.1.241200 OK 11 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/jdb.png
IP 104.26.1.241:0
File type PNG image data, 217 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ecb926e49f9ae1bbfbd8a13e2a13ade
38fe5822d144011eb3ea96d8fdce8c39fea540a4
4b5b3b175cc73a514310d7c080d33727c433f4b6eddff26e48b2afb107a018ce
GET /img/static/gplogo/h-dark/jdb.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 11422
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-2c9e"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeMcmTBqn503LmV%2BffYx1NGyK%2FZHv%2BX3khP1EX%2BjS1%2BFV8V5gSf%2FpPgFraVGFiHC9Pj2lPIuxmtMs%2FfSlkJ4gR0MxDqblcb6lXVEJSFIQyQCRIvQ2TbY1uxa2AKaQVttig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d7bd0b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/jili.png
104.26.1.241200 OK 28 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/jili.png
IP 104.26.1.241:0
File type PNG image data, 243 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 94c2db6a0f1701f6b90ec17aea34870c
e09e6ca278a1b034f5b2c1fb9788422b108c6919
5ae3d4597d1c8fd5ff6f6c76b127c4fff7a0cf61d6907b6b3808eafa071f68ee
GET /img/static/gplogo/h-dark/jili.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 28019
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6d73"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j44tz0Py5K7LEUec3jaJ5PfSQw8tnUQVRhmKGi50664lUy2WBsodaLDtrZSdMQFP6OXmxoks4rRCja0%2Bidclkz2ox3HVJlsw5Yqxl6qC8xaNCyw3NQqHg%2Fi4Ym4n%2BKqSqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d7bdcb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/kingmaker.png
104.26.1.241200 OK 31 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/kingmaker.png
IP 104.26.1.241:0
File type PNG image data, 417 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash d8e880a32a9843f29cfa7857e18ef3db
c659d11ac11463f1ef8a1b906cc46215eca5ddb6
3dfdeb860c2bd75e4494bac95ddcd2e48faade104d138958924db94133ceb82c
GET /img/static/gplogo/h-dark/kingmaker.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 31191
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-79d7"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdNC%2BhiwNOrtg8xf8Gn4J%2BOHsMCKM8s5aPalnWcftDzo8uBlPHo%2FYztZM9%2FXJO6GxTV2tDdOU0klZij9S6GyFlNBXljnAFQ0yFvaBtc2etf8ftNpfqitptwe5uP52Ia3Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d7be0b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/lc.png
104.26.1.241200 OK 85 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/lc.png
IP 104.26.1.241:0
File type PNG image data, 286 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ca22d2d9fddd8c6ec460310b1f8ac16
d29bdcc4ba0233ce83efd8b0ab5ce508ae5b5894
7fdc1e7e1e49bbda2954051fcb81cb1f0f9d78ed46e5890b867944f503b4d812
GET /img/static/gplogo/h-dark/lc.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 85180
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-14cbc"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2F5TL0idjcdq4ImCjzuVM858aBYK%2BKxvRkFEGlTcDvKZxJrH751PHDXhd8RojNOMVYiMeBrMYWHdiZmt6AjiicMWXpm1R%2FOLl0TaUM%2B9FJ8c6ZHC%2Bojy0xV3AkrRcAA67w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d7be1b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/mg.png
104.26.1.241200 OK 37 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/mg.png
IP 104.26.1.241:0
File type PNG image data, 522 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 456c5bbc75b5e7e9f459cba61179934a
087378ef5d9357e879b194d445e308efab15c23a
6a92b5406a0d9ceb0b57db51cca0e6e5878db4155c5d5b413179181d373bdf04
GET /img/static/gplogo/h-dark/mg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 37015
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-9097"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJVrJSi5PDRDlX3FajdeK3aEN00N3taY8VvlYzWm6%2B04iCBu4rlFVPhzsniinV8eTaO9EXsKL3stoDOLOnYhKMCmrnFN8bk4JDgqGn8sBqG%2FcE9mYVqGkPeKsQHJKuOBjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d8be6b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/pt.png
104.26.1.241200 OK 32 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/pt.png
IP 104.26.1.241:0
File type PNG image data, 426 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 53ffb3ea10aedaa6b909bc80f9c119b2
532c9aab749a43cf7c0ded12bbaead13d280260e
88988bf58d84500119a01e7f2b1d962b9eab88c3abb2690a9df640d01a62366b
GET /img/static/gplogo/h-dark/pt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 32495
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-7eef"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2zfqvTa0RqjZivS4t7Abab0fEIdiVP2spgmFp6m4cAV8Gk0hgYujNvtHg7LnstvrDZy9lWuRibFCbYEmkRjnaKvYSMD5qrjauwR6lSKDBYMGEEwRjL3X3rSRTMV3Hp%2FzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d8be7b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/rich88.png
104.26.1.241200 OK 21 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/rich88.png
IP 104.26.1.241:0
File type PNG image data, 336 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 78194d40e7c16d292ed7588f1279fadf
6e0ff593cc93e1c2cf65bf954d9a8832e38d290f
4048f4264822075bd51de018efa364a3fb6d0b27ce378d6ac8b997e71b4c5223
GET /img/static/gplogo/h-dark/rich88.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 21301
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-5335"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogsCAustQrkkgzI%2BLceTZt4BIuRrUebvs%2BB6hqnsUmU%2FO9ZQ%2F9SNGWMUP7cFARF7pr%2FyxlbufXn38Mn0vc6gy%2FHO1ZMmSTHEFBkvr%2FuH8yRdgHdeWX5PgqMoco4w%2Bft1bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d8be8b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/sa.png
104.26.1.241200 OK 12 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/sa.png
IP 104.26.1.241:0
File type PNG image data, 346 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b56dd3f8d9618ab0c5237fd8306935b
7036688a0cc08f4b49a28c49916e224e927afa8c
2bd46ab228195b37255a4a31735aefba0058f5de328ebbce48586b1c8b264827
GET /img/static/gplogo/h-dark/sa.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 11868
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-2e5c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0uFbHB9xY6Jhmqo%2BZys%2BzhKXdYHEwaPfz8Mn%2Bz9ysYUIfKnAU9yRkoAIh2uPHpXwmVWwp6txBz5sEF73k5ApHBow3N0VCyJgqrWq0sqbtIF%2FunKh1tzaYN2GcbChomGEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d8be9b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/saba.png
104.26.1.241200 OK 14 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/saba.png
IP 104.26.1.241:0
File type PNG image data, 303 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash f360d8c52563b1c90084b0eb63fc1d6f
18b6d34040383a43df760e12f3c33be1666d758b
e8c63c70ae36100c05250ac4adb582df414d995b3e344475d6c4f8bdc342abbd
GET /img/static/gplogo/h-dark/saba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 13843
last-modified: Thu, 01 Sep 2022 03:45:25 GMT
etag: "63102ad5-3613"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRkJiN3crqSzMIJ%2F6gP6lw5yDohfftxH4HxL4TtU%2B9tCkMdCQYguCIQQ%2FpzXqJUonRYJIohgv39ZhlaeS0hYb%2BZRVE7lfa%2Fv1dof1y1GNLmIZPw9hzqtW30IcDDIZNbAmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d8beeb50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/stylesheets/8920.246d6991.css
104.18.30.232200 OK 14 kB URL HTTP/2 www.8.ki/static/stylesheets/8920.246d6991.css
IP 104.18.30.232:0
Hash 877ce073b324774d4c05e84aea8956fc
9f0be24e1c44495eb49a15aa4d15e0fe755c3df5
18a579afb2f8e0212d2c6823f45d4387a03091d891805c48cfcb5ecec781ed50
GET /static/stylesheets/8920.246d6991.css HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-3e09"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:38 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e522812b4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/sexybcrt.png
104.26.1.241200 OK 49 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/sexybcrt.png
IP 104.26.1.241:0
File type PNG image data, 300 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash baca437e884488d8727b9c9ffe36ca25
8cbe699e6dea79066eaf9d3be2b388a42a21ea5f
4056bc602aae9e4cd78356f1abb4e29a952ba161376a0219f73621c93fe9e692
GET /img/static/gplogo/h-dark/sexybcrt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 48596
last-modified: Tue, 21 Jun 2022 08:06:06 GMT
etag: "62b17bee-bdd4"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSCGNi%2F4gh1Z8dr2KWEcRnzoLIGaqP8t%2B8iuoKee%2Frn2fFJ%2Bq9HHtG%2FLle1szPo5BI3dMcbr1dcusWd4E23dVzI2jBNb%2F%2BimewTMYCJVplGKGpNBEAzu%2FCPPhczzTc9fWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d9bfbb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/spadegaming.png
104.26.1.241200 OK 34 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/spadegaming.png
IP 104.26.1.241:0
File type PNG image data, 507 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b1477070b6d961b235169620c17dcd3
0bbf058e66df384f83981f2df00665bca0ade52a
4799028e53487e1b65a41fe73c9e939a6e4b30bb6044a219c89f944a4a1909e1
GET /img/static/gplogo/h-dark/spadegaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 33776
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-83f0"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn5bOET9mb%2F5QZGRa%2FZw2hfiIP%2BbqO4lE%2BIYdhCHOwShzTN%2FW9omTY0nYBMzBo1kvKEx0rwjkcHsZQQESV6Tzg0azloeCQYUEoyZdN8q2C41DFsksox2yxWBkC08seBsOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d9bfdb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/tf.png
104.26.1.241200 OK 28 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/tf.png
IP 104.26.1.241:0
File type PNG image data, 278 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 5b3fe539bdf9a443b5bbf91351195eaf
0feeb16559853dae22321057b9bdfa403a55bc44
e1a2625fb0f42e75062982b2fbc54ea3f003be644abc4e4d92b3f2612c1e991f
GET /img/static/gplogo/h-dark/tf.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 27564
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6bac"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoJz0DZTnL5N1om6TmmOdoFceYB%2Fh0uSpJaKguutQOmZztLy4v6kol2LkJPWN4Kij0w4D44gwfKgJOJM9hJUmGDbEQDYgZrA0E%2FsaLdTU1TnBf4WPMkzbYwwPiAcjR2chw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d9c04b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/sv.png
104.26.1.241200 OK 41 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/sv.png
IP 104.26.1.241:0
File type PNG image data, 343 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash dc8978fb159628dcbeaaeee993f6a01c
b12850daf5716103cc05e7d6ddcc462364a792d7
7dd5033ee3a192095fd7852cacf4efe11b08638e14bf4270c0400a1ed46ec830
GET /img/static/gplogo/h-dark/sv.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 41237
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-a115"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeP%2BxaXY1DAfYzV8ocrwoRVzItGrOTZO%2FbRPtBehO96IQn2zR43xnaT%2FKkJdejLhEzmyStmijLGhzyPbrnODpQfrfvOZedjKFyfIDbK4XIxiIM3zS5whR%2ByGPRCRZfVXqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d9bffb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/yl.png
104.26.1.241200 OK 28 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/yl.png
IP 104.26.1.241:0
File type PNG image data, 325 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 61808d45a998fb0d3a3f3ff739e9a423
8a31da5ecabc40bcdbb73414b3cce771cec45c13
7aa416e6fb021fbdef75ed118bf59ef87ec2186e93220abd87711e6e595f5e7a
GET /img/static/gplogo/h-dark/yl.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 27911
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6d07"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQNH7tL8vZ%2B6xgNF5ON9m%2Fwt9gRXOIhRmcaW0y4nE2oPt0AtXAIJLuJHDsK3bUtXC8ka5lfSQKDNCEfE%2B0ODbSoEZvGcsA8VgjR3rG3H%2Ff4wcZx462UohMYZVa0O8OJfhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5dac0cb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-animal-sv.png
104.26.1.241200 OK 42 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-animal-sv.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash abc99693ad4cf5d05e88714e94402e36
0019832dd91ae4d631c5e72d9e28a0e7ba15c5e6
7d101eb6cddcf0295f0aa1bc7167205194fa1929a669a7d2854a109e94ec5e24
GET /img/static/desktop/sub-menu/sub-animal-sv.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 42054
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-a446"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icJfIhOnYxxCin%2B8W2lJ2y1cqRbpw%2BiGuBz3p9suJD0RsSDASubCOu1sLpersHQRLxue3Es2fNoV%2BdU23aHB0nKp7LTC20SWq0luYzVLkZOfnrtmxG7%2FVlA9emZ8nSRXAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5caad0b50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/9361.9814c206.js
104.18.30.232200 OK 34 kB URL HTTP/2 www.8.ki/static/js/9361.9814c206.js
IP 104.18.30.232:0
Hash d653553f9316289eb49596004a131b85
5cae3c697f5d32e360d72bbe904561a3e0653c56
2734fd269e3e367007a25b3f42b4ff16eba149016fc59e4aaa65ea39f1bcd660
Analyzer Verdict Alert fortinet Phishing
GET /static/js/9361.9814c206.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-51f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4aa942b4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-dg.png
104.26.1.241200 OK 24 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-live-dg.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 754db772c36013143a8bff8974ccbb1f
eacfafd7e56026a7ddce5390b97063374b893257
469e85dd69b0e847ebc8399e9590a6d47810f30d2a2688b1f021d35248b34dc6
GET /img/static/desktop/sub-menu/sub-live-dg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 23743
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-5cbf"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuIBEO4b5hj8etaot3F%2BmxkAEMqk1XVKWiZRNy9KCDaaclz%2BAhAn3kKFLq4nOFLzRRpQD%2BUmfKxfqbUakMjf4%2BPxqUCzzodWCulhUp8y8%2BKgTe2LL3KCVzU3S82fnaibvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5cbadfb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-allbet.png
104.26.1.241200 OK 26 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-live-allbet.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 47aae815db345b9ca22a87027e55a43c
88a8465ebfbbfdd90874d134e8181131c7059ade
2ad74a925bb73db8e747f49b368d7b9b6d69f3ee925917415ba7b9c60058d8a9
GET /img/static/desktop/sub-menu/sub-live-allbet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 25688
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-6458"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezugYjfo7slit1Ojj9sCeYINF0o1E0tDdySt4oM4wsISMI4GDiGiTrze8NxNdxpqDq%2ByU%2Fgmnt6FknNOCdnBr9p1M6QJ3G7Q6WhpyLhr7zuAZbDQiLqx%2F5gbEfw%2BUqu6qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ccaefb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-bbin.png
104.26.1.241200 OK 22 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-live-bbin.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 768010c008f58914c82d67f5905685c9
43a0e7165019b32be66f94bab16aef3d87223bc4
2321bc11d44bf170caa975217cf7dadfc17c779e238ff87de45b756a43c9f8ad
GET /img/static/desktop/sub-menu/sub-live-bbin.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 22213
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-56c5"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBehVHmkuQM4Pi%2FrsMXPfjmj2g7hoQE%2FxUS%2FJmgpynLQFjbdbVy0%2Fk%2FiQp4fLCkha%2BoQurSfA1W0doRkwBDqmmahtm0eGGd6FQi2EKhtMrOWTnPR1rnA5E8%2BlfdUGs2syg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ccaecb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-saba.png
104.26.1.241200 OK 39 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-saba.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash cf561c58bf26d48ec2586524f8234d69
07306e9307701fd9ceb0b8a2bcdb07da87951067
d8576f0e2c410ec07dc9cb255e99d5d66dba644d9ac57e0f4abfa217615ab5e0
GET /img/static/desktop/sub-menu/sub-sports-saba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 38757
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-9765"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skxuPraBxUQ7sanYEe1PSbLtMkTDDDv7Ui6S1uVHlRXV9FayfcmAxz8%2F0JPpIq7jhK%2FHHKQlqiVWwtu93nktZKUzxPF2EYYcLF7K1bEVKAsPs%2F057whPSZjL7D4VOfMShg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ceb0db50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-mpg-jdb.png
104.26.1.241200 OK 41 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-mpg-jdb.png
IP 104.26.1.241:0
File type PNG image data, 315 x 354, 8-bit colormap, non-interlaced\012- data
Hash 3759a0fcd8251bd0e0d369707fa6b9c7
07e4e077b336826e8b724c5923b264b47d042fc2
3631d5460d399bd92abfc2e8c12c14598404bdaf315ebb9339fa2ca68f70d4b0
GET /img/static/desktop/sub-menu/sub-mpg-jdb.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 41066
last-modified: Thu, 16 Dec 2021 04:49:31 GMT
etag: "61bac55b-a06a"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpFwDWoYr3quD20Hws1Ua512jH5iVMjn5j9J3dDLMPoxn5DbfXdu0UmVJkNXab3uNMyaUKXK9hR4LCf3P13xQt7lCES64NGM3iHEb2MoT4VtwM%2Ft%2FIngLo3dg2gPmAReuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ceb14b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-sbobet.png
104.26.1.241200 OK 36 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-sbobet.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 9b9843d55d093f303b8e36bd699e934e
1cdd20237da0b16b6b3547a7ec151e80deb125b4
7d6365265125269f843c6c3824805a5e87fc2e12a3725025a37ed06373b78de1
GET /img/static/desktop/sub-menu/sub-sports-sbobet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 35836
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8bfc"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xu9VrLP2jhECG7DS0GIH091IZhC%2BwsNoGW4%2Fc2Ans%2B5eLOMdLvxYT5ZyWbuGGYFMZpcvIWdy91KtbhmiDGKmdXGy3%2FQra3C0Mp%2BjeO5IAG9lWO5%2BZAlS%2B%2FvMrMmFSLnRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ceb10b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-mpg-cq9.png
104.26.1.241200 OK 29 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-mpg-cq9.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 8b191bb7363288ec2b9ac67c4fbb688a
db63be83f4d48fe22efcf15d3b09a36d29e4d2bc
1f8481ce43de9130441291f9fbdd50619b36abca531720ac9a97727548030a64
GET /img/static/desktop/sub-menu/sub-mpg-cq9.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 29408
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-72e0"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USucItxeRS%2BcM%2Fey4bQkbrFCZw2fGnD1vVZaa2XY79cPp5RjAwUaLFbDdFjb4FpP8ghzwIJA7RhO2CHFvT%2B9ufI1K8Cngu0NECCH7V9xqk9IH%2FWDFVF7CWuoAWaTdfVntw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ceb11b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-lottery-ae_lotto.png
104.26.1.241200 OK 31 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-lottery-ae_lotto.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash beef160e01f17b526177f820b9c39291
a240373a1fae5190508b15be2d8494751133ebaf
0c8eac2e67a93624ec3ac0c4cb578f4d91733e24c02b942c973ee6217b0d5ec3
GET /img/static/desktop/sub-menu/sub-lottery-ae_lotto.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 30634
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-77aa"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPW1sPjKnHni3VbiB5CqMDMh%2FPxy3qsyaR1S1hU0yhL03htZe5%2ByxdWx9LxXVveVZxKZAQC1DR2hJ3yWFzCtdKANV9fpQd%2FbLuZuCxpTR2yTsDNmLcR2CndEhv5%2BlO3E9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5cfb2ab50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/main.9786b1b6.js
104.18.30.232200 OK 341 kB URL HTTP/2 www.8.ki/static/js/main.9786b1b6.js
IP 104.18.30.232:0
Size 341 kB (341130 bytes)
Hash 516bcf699218c29eb1cf6e9a4bf66805
94c57120792d9446a412c11e4fd6acd789c08957
c3e91357465d28bd656df078f7c639fe70e72f331286d79cbe93a1ad46886126
Analyzer Verdict Alert fortinet Phishing
GET /static/js/main.9786b1b6.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:36 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-9cbc7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:36 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e41a910b4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-ae_play.png
104.26.1.241200 OK 38 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-ae_play.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 8d076ee352cebd5e5e9f398850fc77b6
22530a87fd32684ccc21b6f7b40934b10bc65113
0a6a2c5dbc68fd34388652ba7376589f3f408c9365aef8cf29c808c49f6d8e3e
GET /img/static/desktop/sub-menu/sub-chess-ae_play.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 38016
last-modified: Tue, 17 May 2022 07:23:27 GMT
etag: "62834d6f-9480"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVB7oasmJLqY%2BTQdBAph7Ly3s8EaDMvkO2EZFRMgav1t9EfxdjHsNEU5sjc%2FzDlJiZ3XswB1jVHwOLH2MsQevSxBPslEez6unnQxS9ez5R4myNkJ63NnTydJEoW%2BG0u5tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d0b4ab50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-esports-tf.png
104.26.1.241200 OK 38 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-esports-tf.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 50ccdda192a6239bf8afe82ff2aeea67
3b72d445d5e9e38c31d125d435cb1d8a6004c683
70452132cc982b3576730c0747f3f37c40997ce2ef8bddfc73b792c62bc29024
GET /img/static/desktop/sub-menu/sub-esports-tf.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 37489
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-9271"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K85B3K0i4%2FqEnhAuSdEyqINs5OaAsZWrBPdFEiAqSmpNPuOa1WguFLPX8m%2Ft%2B1YZHMmvxRhaD9H6YbJoP%2FuDzmL6PT3n3nVBfLs6ELKKFfGreW6ljCgQZpxNmJPUrpA9RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d2b80b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-cq9.png
104.26.1.241200 OK 43 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-cq9.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash 878c28c70f1ac0d8531177265f0562a7
cf1c5be6063b71dc800ebfd8cdfc8b65160a0696
b9a6b2224283fa784605103bdf17f59447dea93ee0108de3358dfcc884b9ae6e
GET /img/static/desktop/sub-menu/sub-egame-cq9.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 43167
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-a89f"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzIB25h3acZecyWw%2FsCVpn4ZN3PFt19hLD0ig8dYSRaKOE07NS5KHQPolSpT1duwuym48tv9Qm2FoPg3hfU0M42d1AbLi5OHercGYaCbtLgKsIPxx9f16OUpmHfKiwl%2B4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d3b8cb50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/3562.87afb9b2.js
104.18.30.232200 OK 448 kB URL HTTP/2 www.8.ki/static/js/3562.87afb9b2.js
IP 104.18.30.232:0
Size 448 kB (447986 bytes)
Hash 11dc4065100076bcf53f5ea8e8b4b14b
23ca91b5ecb05ab5f7b6f4f134016e8437a963e2
f7f3f960d8de0201e5cc4e7d89e693e6a486380040bd8b5041dce2999050bdb6
Analyzer Verdict Alert fortinet Phishing
GET /static/js/3562.87afb9b2.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-2d95"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a7915b4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-jdb.png
104.26.1.241200 OK 47 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-jdb.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash cca4544281026176c7e256b1cf94b1eb
3d6d6c41bf8356d48b5bf5a3cbd77f3458f030f4
8925bfe7429f49dc6fc729045554d6d97bab7ba6d2b8d0fe1ba3e70039e2e506
GET /img/static/desktop/sub-menu/sub-egame-jdb.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 46876
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-b71c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oq762FG0ZFtZTGPEPbwgb8yepxuR1czuHp%2B6Rj3mSIeUfCCrZknNdiIRagCM08J6X07wc3lsIhe8ooDgSdPVnx4ny4l3Djf4izxyToL4cp58%2Ba2Z%2BuPi79z5SjHz%2Fqn8uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d3b91b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/vn888/ads/d3263e0f-e23e-4402-96d4-10b9fcbdea46.png
104.26.1.241200 OK 380 kB URL HTTP/2 csi.20icipp.com/img/vn888/ads/d3263e0f-e23e-4402-96d4-10b9fcbdea46.png
IP 104.26.1.241:0
File type PNG image data, 1920 x 660, 8-bit colormap, non-interlaced\012- data
Size 380 kB (380154 bytes)
Hash affd3aac8e8abe19799d4b95096d24e5
5dab54ccdfacc0556beddb0dfa4fc021e9c56c86
24f5570d608c20ec7f857e068e7eae58407512218effe84329f2e117586389d6
GET /img/vn888/ads/d3263e0f-e23e-4402-96d4-10b9fcbdea46.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: image/png
content-length: 380154
last-modified: Wed, 10 Aug 2022 07:46:22 GMT
etag: "62f3624e-5ccfa"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2zVzSpk1hv6ga3G86fteAKeNh%2FQ3ayRJjVii4aBs4H7Lt4xYFr5Qg7e5fNIgePrbaPN5jWmBwjpu3mRA8dT11wInshXvSD%2Bmq4krqUW%2BP33oQkG7arQbqq4TLT%2BVE6lRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e566c9ab50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-ameba.png
104.26.1.241200 OK 39 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-ameba.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash 1cc4718957a130a220dd73a8482576c8
18677291ef6eec2fe963ce0791f697bc490ffc3f
5621cd0f7df6bfc2e692821fd15ddc2729d216580fb7b84ba9fd6e85ad8959bb
GET /img/static/desktop/sub-menu/sub-egame-ameba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 38972
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-983c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SNKKiyPac3gqlORrz2ONJWE0JxV1j7jCzrZFvdJkijB7F4OrawLu1sqU7xr%2BUWYRYddzawZ9xV5LevtM%2Fgm0fGmLJyDaEDM7X3%2FisZ85TzwL%2FceOV6arkEkoHFzFozdJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d3b8eb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-rich88.png
104.26.1.241200 OK 38 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-rich88.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash 96062755ba4e4d53d7be9692af9b6968
1550efff6e1fd76b1cb4f220d96a2d7bb0aac4ea
e112717225b82ba8b200d92806a713a51b4c565afb5478c72f8cebbf0036045e
GET /img/static/desktop/sub-menu/sub-egame-rich88.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 38034
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-9492"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXjVpR%2BcuJCSAGcAApF%2BOECwMuVTt6Oajcs2IA3Fvc3FRdxwVRHYwYh7ap5UuEbEGeoVpRiCETSsJ%2Bso4rEmErfog3A5TDHCKUTjlxyiwxIGWnyVzDaq%2B8x94Dde8FBRhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d3b9bb50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/3129.d0e75e99.js
104.18.30.232200 OK 346 kB URL HTTP/2 www.8.ki/static/js/3129.d0e75e99.js
IP 104.18.30.232:0
Size 346 kB (346199 bytes)
Hash 88d26eb3187ace13f02be21573ceb288
ca09dc4fe10cc5fc5ea674b41765a7c1aa2cdb21
db9b54c4abb4accef01f6b0d017bc397dc0bf989334edb1ec116c424f591a0e6
Analyzer Verdict Alert fortinet Phishing
GET /static/js/3129.d0e75e99.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-caaf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4aa93db4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/dg.png
104.26.1.241200 OK 43 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/dg.png
IP 104.26.1.241:0
File type PNG image data, 434 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e4d451b7b786e822f69a990bcab5e52
9da884d73fbf892858f5e77c0ce5822ebd7df57e
00e1b0bb1370a795c028bd275374cc8b75460a952d0cd77eff7b957cff5733a7
GET /img/static/gplogo/h-dark/dg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 43124
last-modified: Wed, 22 Jun 2022 06:45:20 GMT
etag: "62b2ba80-a874"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciD29l9SyJNQGHOPEpk8QS%2B1%2BiaoLjxtELO%2BL3jTMMnOCFeiBsOC4N%2F%2FrPlRJ2O36gA7k%2BLRqEFfDxIBh5%2BIguwbjL01JhfUYJXBtSM0tNz%2FSjvhw%2Fj44PwlAkYQ0I9OSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d6bc4b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-sexybcrt.png
104.26.1.241200 OK 24 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-live-sexybcrt.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash f3b16911d036d060d5eb6447df5c016a
1c4254718bb425d6b08778bc4fa7b32a69c33f28
269c68a84c2b28b0abff02a59521c0e69a854ba779de8b0ee337fd63b275edfb
GET /img/static/desktop/sub-menu/sub-live-sexybcrt.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 24466
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-5f92"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpS%2FulbunKaaAVaYjAkZ94MR%2B6LUlaZHcoNCko43MXOMFIdyMfvMlAl3AL0ABlXYOw48UPxCQ7ab9veyUaSdxQjCGNi4W9ZUhI%2B9FiIPyMQMuhXd3VyRZIyDcu2G9XotJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5caad5b50f-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/games/allGameList?limit=10000&offset=0&platform=2&sort=ASC&sortcolumn=producttypeid
104.18.30.232200 OK 174 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/games/allGameList?limit=10000&offset=0&platform=2&sort=ASC&sortcolumn=producttypeid
IP 104.18.30.232:0
Size 174 kB (174507 bytes)
Hash 6b990dc09380c388b7ed56a4b6db54cf
bdd216b28df156f33402007799148ea9d03e603e
e9fefa0924dc26caaf787e59878bee88e46903bc094ebaad22a7c63349aea11c
GET /vn888-ecp/api/v1/games/allGameList?limit=10000&offset=0&platform=2&sort=ASC&sortcolumn=producttypeid HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=FOG.2PKeWXgbkGTklSoO9oerdl4C7SxH_6IQ69oxThA-1662701679-0-AYb/z7bYGj73cqbzl6ICWjKHxHmQMJzXBRRTt3lb/AC/XW97VkohUh4HSc3X5/IgkMGgFbIrFoGrCrlbfBkQWP0=; path=/; expires=Fri, 09-Sep-22 06:04:39 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534df91c02-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/4726.255522fb.js
104.18.30.232200 OK 40 kB URL HTTP/2 www.8.ki/static/js/4726.255522fb.js
IP 104.18.30.232:0
Hash 5c398a7ce280752ff160bc8149892df5
91f92e0dd6ad665be9bf826492ea8a2ce09ef42e
c046d55234d0d1b56a77677fce19cd7a3477853d4eaf85eebfd8e46e62e8dda7
Analyzer Verdict Alert fortinet Phishing
GET /static/js/4726.255522fb.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-aaee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a891db4f3-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/announcements?anntype=1
104.18.30.232200 OK 25 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/announcements?anntype=1
IP 104.18.30.232:0
Hash 1e59668b650150054bf15ec910e68e4a
902ff0239fc70185ad819882d151c15ce3a1380a
70d7c970563f31054e0c4f7694e973de0c3ebafe36687f447441bee42a24544e
Analyzer Verdict Alert fortinet Phishing
GET /vn888-ecp/api/v1/announcements?anntype=1 HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=a.816Kzfa9eYvGdC2r86HTNWi.WG_M9bDKE4hxCIzJo-1662701678-0-AY/Qu0+OqOuChK/meAZHA1BgfP9hXdh3FvZxBlJMTnYTpFlUXAdW5TzI5wTPk0rZ/vSKXZWzs74clHnH1kMz7nM=; path=/; expires=Fri, 09-Sep-22 06:04:38 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534df01c02-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ag.png
104.26.1.241200 OK 25 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ag.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 78d6c56ab3726e8f64550b436994364e
82e235e89fc58c8fde93c7999e730aff29ddc2eb
b8b6161ddc7525558901d67abe70bcf77429443aeb6603eb8db4e1283d42f653
GET /img/static/desktop/sub-menu/sub-live-ag.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 25418
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-634a"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9NRvJ6C2FWn7z%2BkT4vwBh3fZLEXk0xoBw7z%2Fg%2FhKFutkeLzUq%2Fwj5TLGLWQM%2FaDJkS9uiBUjNh6sdIJSO8TXUL2Py0id0Zdb%2FkiHEYm859PFNJDH3AIjXLktSOBAO2N4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ccae9b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-cmdbet.png
104.26.1.241200 OK 36 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-cmdbet.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 998a9e09b30e1dd4320505b72c1b97d0
9dfd6adf7e3d69994b668524be343f9384d23d17
020f31a8ef716af2073dab7d4d38699461c1c403900e89dfccebffcfb0902519
GET /img/static/desktop/sub-menu/sub-sports-cmdbet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 35750
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8ba6"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuUFLGw92fooLN0hCF0DFWnOitTPRA6gfIh9r5sb%2FoeGQwLPfSnGhFiqH8B545IGNfNK2Lndt98RMK18ZgtDFrlYG42hVqnlLSHsYFGraNIQ4o7qVi%2BD%2BVOFnl36MgdfeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5cdaf7b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ebet.png
104.26.1.241200 OK 26 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-live-ebet.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 08a6e75f3710394dc3c6ebd2ccaacfc6
975da62de96268cd4474c182c2c3930c41091993
c847ddad5550bb78871ea2eeac14af68ebeec707d6a67483f487d0553aff60c1
GET /img/static/desktop/sub-menu/sub-live-ebet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 26025
last-modified: Fri, 17 Jun 2022 03:14:22 GMT
etag: "62abf18e-65a9"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeT8U8DI9M%2F2jm7KHiZp0HZlUd3i9HgldbKph%2B6bhxVNHHFgtPQ7YftQPGePTdousJnP%2FXNu91JT1pWvpkR8H4ruMr87UGb6aR71mT4eg0VvQA2YoBkurWuTn%2FLkNEOj0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ccaf4b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-ugaming.png
104.26.1.241200 OK 38 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-sports-ugaming.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 65605136144c7458561ab0304a709f95
222b266721f59eb625409894fc07c901a04feb3a
4691e6cfeca35f195e51695d4f62c907cd51d9969300910e9f2ffa8fe997f918
GET /img/static/desktop/sub-menu/sub-sports-ugaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 37810
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-93b2"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVfHUFSaDkG4y3y9e%2F2kJ%2Bp2jSYUQAuMYoeGwLUMuNKwCdH8%2BiPW%2BBc6QGPBVTqiO14Y9RiwtAdVkPRXizDMhmbMTpNZnf7OWTj6zSe%2BQnLUypbICXPmAsyLXGSp2neG2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5cdb05b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-mpg-yl.png
104.26.1.241200 OK 28 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-mpg-yl.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash a26efd2ca604426d51d410191d583d6c
7954f1abaad5093c93f6f0d9614b5a287de51d0f
591c2d92b6206ac07f351b8c0a6de667d5e35029e11146b43ae8b64aec748d53
GET /img/static/desktop/sub-menu/sub-mpg-yl.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 27989
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-6d55"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaQ0M4sZvR%2BeGihk6%2BwvpoiWAkvODgAzTpoFTtDWJe9akHhq8IpdMQwhRj3K%2B2O8GFMzwtAKj9BFrrzytGJimspN3kvBltRrJ19YIaykOSzPF0njOLsbqYDhZcVHn1wFhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5ceb1cb50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/7283.7d590fa8.js
104.18.30.232200 OK 48 kB URL HTTP/2 www.8.ki/static/js/7283.7d590fa8.js
IP 104.18.30.232:0
Hash 1d8490f171f3467d02d296fe0ec4c28c
121a0d68ac67b5126ee2cda4620302dfabc4d956
56b58f04769013aa4221bd2bbac412f122f23cf9263f2e2283b3bc7833ab800b
Analyzer Verdict Alert fortinet Phishing
GET /static/js/7283.7d590fa8.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-b225"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a7913b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/icon_256x256.821e7a060c30100845aceb4945357df4.ico
104.18.30.232200 OK 135 kB URL HTTP/2 www.8.ki/icon_256x256.821e7a060c30100845aceb4945357df4.ico
IP 104.18.30.232:0
Size 135 kB (135341 bytes)
Hash 06b8cf1f3871d4783d3499966a450187
e79e22de6b45dc665ffe750bf07908db3f8173c2
787216a62b46acf77d09599720cecc3dd6be29a396d1d4b3759904a132c23d60
Analyzer Verdict Alert fortinet Phishing
GET /icon_256x256.821e7a060c30100845aceb4945357df4.ico HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: image/x-icon
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-27bd0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e47eef0b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.8.ki/favicons/vn888.ico
104.18.30.232200 OK 133 kB URL HTTP/2 www.8.ki/favicons/vn888.ico
IP 104.18.30.232:0
Size 133 kB (132934 bytes)
Hash fdf2752503876b66b1f39762e93a4fb8
226081a1b5bc455ba0e014eb2226e5a6b09dc56e
6adb64487ecdc47fecd663c927f8a796ff7c3a1757c98b485ad293aebf123672
Analyzer Verdict Alert fortinet Phishing
GET /favicons/vn888.ico HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: image/x-icon
last-modified: Wed, 07 Sep 2022 10:58:42 GMT
etag: W/"63187962-27bd0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e47eef2b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.8.ki/static/js/8955.5ad7dc36.js
104.18.30.232200 OK 228 kB URL HTTP/2 www.8.ki/static/js/8955.5ad7dc36.js
IP 104.18.30.232:0
Size 228 kB (228194 bytes)
Hash 706fe57862e78c273ff5cec88b52cff3
e10bee1ad44e0437dcd3f16f508a6750ceef35cd
46e1c2931ef7654ba54eb63aa838b40020feb7f7823d2ab0a788d60440317b9e
Analyzer Verdict Alert fortinet Phishing
GET /static/js/8955.5ad7dc36.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-989d9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab948b4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-kingmaker.png
104.26.1.241200 OK 39 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-chess-kingmaker.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash 474b84e1abecad7d17daa185f3881ce1
f16cc17f544362c3df4411a60e11451da7b7beff
57a6ea3ac9224880dc7dcabbc6b365b44c523269b713d75bb5b6bc3dd12203e3
GET /img/static/desktop/sub-menu/sub-chess-kingmaker.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 38660
last-modified: Mon, 20 Jun 2022 07:34:57 GMT
etag: "62b02321-9704"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Fqa729%2FqMjiWa3IYMbbAhJSZGEqIFYgr1itKHUcjdoXUJUdJ5aVTF0DqzltFDhSUQYk98tDL%2BZ9%2B9RHgElACXrj8OWtxmwskBRN4JX%2FvHdCBba1Co9MY1rRildBxTr%2B5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d0b5ab50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/stylesheets/2593.3dc2d719.css
104.18.30.232200 OK 664 kB URL HTTP/2 www.8.ki/static/stylesheets/2593.3dc2d719.css
IP 104.18.30.232:0
Size 664 kB (664165 bytes)
Hash 8f8b0576f66d2bbb5e6232f298d826bf
1fdeb41c35023cd2ac9eca37a7ea67787cad4df8
69cf2c113863e2bae95627a8e4b2f12a0d05a5f15f53ccd02af3c99278b017d4
GET /static/stylesheets/2593.3dc2d719.css HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-9c5b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a992cb4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-esports-ae_es2.png
104.26.1.241200 OK 36 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-esports-ae_es2.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash e22ffc80678c9dccff579cc76e6df5cd
2896628cb2d6dd45d6130088ba0f06c69f1a2c46
8b6ecceba0bd780bbe3df420be20760fd95010732273d7d670b177d29a2b19d6
GET /img/static/desktop/sub-menu/sub-esports-ae_es2.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 36183
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-8d57"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUifGwgy%2FeYNcxzzSml7vz6PK0Vlj3R5K1rQctIHlaQZGQTLzEYVuynCToY3jKhD9EXjzsa7p%2BmVlA7UMorBKiAveNMSRL7Gj8ktSyEmVOAn52Q2HVfAADlTn2ILZ54fAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d2b78b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-ae_gaming.png
104.26.1.241200 OK 45 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-ae_gaming.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash 78bfe6bc81f723791a5136a9ee625386
763e0a1e7b4c279d5bf49672ca9b1c3186e7b517
e5379ec000d96fb5722f4011c92a6ec774fa074cabce4b1520b8a405ee2b856b
GET /img/static/desktop/sub-menu/sub-egame-ae_gaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 45372
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-b13c"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBiSEAQMbZO0oZfFQ3bNQEFI0%2FsyS264%2BufzQVrj7OQyQ2%2Bn%2B%2F6s76uJbvGO2ozkUybXCNR3MfkILqV3%2BAXuwVZzpcnvR3iFAIj%2FwDOKBGFEXcA8xAa8rh50sCFeMpsCVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d2b8bb50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-ae_play.png
104.26.1.241200 OK 44 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-ae_play.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash c4dc2e014881faa381003f1aa1578e10
044755cb85f1c2da60beccec3ee97ec76f926a8d
bf71f930a3fa8c056ae4576c1a1a4027b40f5f5c9e878351725f51e9f04b665a
GET /img/static/desktop/sub-menu/sub-egame-ae_play.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 44001
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-abe1"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWPWFhl2fzCyCZJXLvJ7GcEIopxhcqfTcuKG%2Foncx%2F4UogDz9snwBVxVK2ZzNS%2Baij3peb67MU4fqTUgXFkVwaSM37rXK%2BHatyiu4QA6lQmGelNbfUm4uwirgfn6O%2F5Xsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d2b8ab50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-mg.png
104.26.1.241200 OK 35 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-egame-mg.png
IP 104.26.1.241:0
File type PNG image data, 300 x 400, 8-bit colormap, non-interlaced\012- data
Hash 0c466727c1e91d2989dbced881ec6836
591947ae4f2894ca2f18249750f69416aa316ecb
f324e1e6f91ca9c7c8e47fd368d958d87be6e2d58334f179637955cb44d101f5
GET /img/static/desktop/sub-menu/sub-egame-mg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 34826
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-880a"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2X9hahA9boxXUft9CmkhnNCEN50ijcS7yNIcvjgOIUE%2FSq5cLDq3zJ91DY3yfvoVLVLeucdqIJUBkEf0iVjLpLxLJdze%2B%2B49anx1xtCCQUD2oUKOcvQ%2Bc9DPun66IxWegg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d3b94b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu/sub-esports-saba.png
104.26.1.241200 OK 33 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu/sub-esports-saba.png
IP 104.26.1.241:0
File type PNG image data, 300 x 350, 8-bit colormap, non-interlaced\012- data
Hash a4d07c14906fb20445f40c1a6b13bbbc
f34bd536119dab3324fadb4495737a9a588a068a
39cf8224a5e360d3eb0bb894c94193a327dc3d702fc9048c3f1f62734784086d
GET /img/static/desktop/sub-menu/sub-esports-saba.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 32964
last-modified: Tue, 17 May 2022 07:35:35 GMT
etag: "62835047-80c4"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgTY%2Bnb8Mzz2O5GdLVFRpEKhU5iFxyISPR2Ts31Ts12mEJzQqjdr8oMGV95kSuGTvScHX7sVyAd3g4y7y6dPK6onr%2F6PbgFRsSCPJT6WKdI%2B1goA33T4QVhtFT4OrK2l2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d2b88b50f-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/staticpagesettings/Info/orders
104.18.30.232200 OK 665 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/staticpagesettings/Info/orders
IP 104.18.30.232:0
Size 665 kB (665127 bytes)
Hash 5d32ee90376b106f5c1db9c11a77db3e
f44d785d50f0ef2fd41ffbe0352bd62351e0fb3a
2363ac451abc9a721ce28e966809b36648532ecdc03937f7c17b3216f016037c
Analyzer Verdict Alert fortinet Phishing
GET /vn888-ecp/api/v1/staticpagesettings/Info/orders HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:39 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=gOw8c4osqJM6O7PXXv0sJfzjpHf6dhg_A0HMtL6xfT0-1662701679-0-AQR3jxV8+nOUPm5AqpGd4MYMYJTSl9jKTramYRZCV2fJf4SWawkuLLdS7N9NuxHrYD/CC6oKFzhQi0sd2pQG420=; path=/; expires=Fri, 09-Sep-22 06:04:39 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534df31c02-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/ads?language=1&platform=2
104.18.30.232200 OK 647 kB URL HTTP/2 api.8.ki/vn888-ecp/api/v1/ads?language=1&platform=2
IP 104.18.30.232:0
Size 647 kB (646884 bytes)
Hash 7cdbc456e0ed5e4577ec9f3b4f840ebc
82f3a535b9ea43ba7cdc29ca4175df004da43dda
fd343fdd51e668dd02dcaf2ef97592b8a70ae4994bd0214c1574757fbeba1865
GET /vn888-ecp/api/v1/ads?language=1&platform=2 HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=hmi4Fo5wPuDfU1ajgZsl2zEMTYZGkuN2WtDR4w4pr7w-1662701678-0-AcQhBErDMpriiHWVw3W1K3hDBXCDXT0Uu+58VfcfChhrcDAaTQp4+0l0N7b7uTZV+/qJzz2FcX42u5DgF0qtuhI=; path=/; expires=Fri, 09-Sep-22 06:04:38 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534dff1c02-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/d-Home.9fa96bee.js
104.18.30.232200 OK 580 kB URL HTTP/2 www.8.ki/static/js/d-Home.9fa96bee.js
IP 104.18.30.232:0
Size 580 kB (579661 bytes)
Hash fc83abc1220a710e851f7dbb3a742a60
978f93f072108a6e324f2e8bf65594ef503568df
0790550c9454ce23c33651bcf91f6a4897717c7bfc53cf64578107f22c4179bd
Analyzer Verdict Alert fortinet Phishing
GET /static/js/d-Home.9fa96bee.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-4d44"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:38 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e52d8ceb4f3-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ebet.png
104.26.1.241200 OK 28 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ebet.png
IP 104.26.1.241:0
File type PNG image data, 336 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash a9ef202ea1121f9f0bd71704cf85544e
2a3903492c4c3483d3a143eca6d060371e1307d8
588ed9be4899ff835452e96044a4781f07eb239a9068c119b24c1cd9102a1bf7
GET /img/static/gplogo/h-dark/ebet.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 28066
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6da2"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VIZs0TMztvyht0zXLpeWiRL3yloDUZIUHIE0eRE6a3hHP%2BTbjSEIl6jIHAHUnj%2BGYJBunFbcWGBxxx9BF%2Fr2IlTNYwA%2FFqPwOT3hhx5oGdeS7E4ylmElRNDl3Khmucx2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d6bc6b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/desktop/sub-menu-bg.png
104.26.1.241200 OK 19 kB URL HTTP/2 csi.20icipp.com/img/static/desktop/sub-menu-bg.png
IP 104.26.1.241:0
File type PNG image data, 300 x 300, 4-bit colormap, non-interlaced\012- data
Hash a1086ff70294cdf527580e13c8923975
8e37714d58d81fa4765c4b553371aabf538197e6
c363e17d1c224804097c8f5b2210ee405d750c387c1c72e87082d4b7d8065159
GET /img/static/desktop/sub-menu-bg.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.8.ki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 19012
last-modified: Thu, 16 Dec 2021 04:49:31 GMT
etag: "61bac55b-4a44"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtPSS2h%2BtI7ZJkO2v5zHRzh4vWB786Zvob9gAsn%2BwHZt%2F5BWehmknKHXKV8s8yKmYoCvgcyqve573flgj9qkeas8GoM%2BbeEPRysb%2FtpVRldbByrMpSJ7UT3BLAGaCoEaoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5dac0db50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/ugaming.png
104.26.1.241200 OK 38 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/ugaming.png
IP 104.26.1.241:0
File type PNG image data, 315 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash b46ed5bf2b03bc3b8a23437957cb67a2
5da542d8f88784bf1ca11211dd994f4cacd8a9f6
508fc8dbb147a819546b83301f4b1beffe52b62906faaaf54c9ffadc714d0a6c
GET /img/static/gplogo/h-dark/ugaming.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 38035
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-9493"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wabiNcIlnGJQAJHvB%2F1b%2BtfOjsTCKAT6UvGY7OQbC8EBMqyXfT8oLTA6x0uvFEA5WO4JfJkmRCS23%2Bz9jZqkKccgsT%2B%2BBmbbLJeBQEG0rqxdsYRJEJxCqDrzWHXVRilYRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5d9c09b50f-OSL
X-Firefox-Spdy: h2
csi.20icipp.com/img/static/gplogo/h-dark/wm.png
104.26.1.241200 OK 28 kB URL HTTP/2 csi.20icipp.com/img/static/gplogo/h-dark/wm.png
IP 104.26.1.241:0
File type PNG image data, 388 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 352128c68069300455beda7bb3f90ce8
4423768ef6342d5013076213440428be036d7d03
43256cb9432d7989a7a04744d535dc2124303cb7554a0651465bc5f1af1fe04d
GET /img/static/gplogo/h-dark/wm.png HTTP/1.1
Host: csi.20icipp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:40 GMT
content-type: image/png
content-length: 27578
last-modified: Mon, 20 Jun 2022 06:27:03 GMT
etag: "62b01337-6bba"
cache-control: public
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=664bHxxDcfEPF%2B919xnbXn0MYPgGZ3Lcooe5S5WwT2pDep8zURt8bT%2BOtoyBPRUoyAT3KLXgGm1oPNo27QSDE%2BrcqdfT54PF3gLhqcf%2B6V1bIiX24EPplBxhaEcaR8fMfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e5dac0bb50f-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/2576.c2e88a9d.js
104.18.30.232200 OK 956 kB URL HTTP/2 www.8.ki/static/js/2576.c2e88a9d.js
IP 104.18.30.232:0
Size 956 kB (956000 bytes)
Hash 6ad56ffda5c148022e5709b17da5f9f9
61d6d7a544eb81ff9a80c1389d8f91a69410e0f7
434e96706233528503eb67c0e05cbf02c46de149b2927a6747da7b54938c0256
Analyzer Verdict Alert fortinet Phishing
GET /static/js/2576.c2e88a9d.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-279f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab94cb4f3-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7d3752fb9bfaa323218e5a7b93aa5c6
08b4d519a099b04a9f1515377d02e51575f3321f
fa33f2240aea7395b0be62683743523beb1f0f11cb390f4d532e3474610a812c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7646
x-amzn-requestid: a1a8ac97-ed7f-4eb3-b704-b553d53f9279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEaEoHoAoAMFkwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63180a1d-34dbcab50e2f495d4acfec54;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 03:03:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EL9_xDX27FFKUXhp2GUBHaED9grsbgCwxFZWM-O8mNChPPfvdX_2bg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 05:02:31 GMT
age: 1933
etag: "08b4d519a099b04a9f1515377d02e51575f3321f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.8.ki/static/stylesheets/d-AppContainer.b82959e6.css
104.18.30.232200 OK 0 B URL HTTP/2 www.8.ki/static/stylesheets/d-AppContainer.b82959e6.css
IP 104.18.30.232:0
GET /static/stylesheets/d-AppContainer.b82959e6.css HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-4b78e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab957b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/
104.18.30.232200 OK 0 B IP 104.18.30.232:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 747d8e3f1e4eb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.8.ki/static/js/runtimechunk~main.fc9b7012.js
104.18.30.232200 OK 0 B URL HTTP/2 www.8.ki/static/js/runtimechunk~main.fc9b7012.js
IP 104.18.30.232:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/runtimechunk~main.fc9b7012.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:36 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-3f12"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:36 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e41a90eb4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/static/stylesheets/main.9786b1b6.css
104.18.30.232200 OK 0 B URL HTTP/2 www.8.ki/static/stylesheets/main.9786b1b6.css
IP 104.18.30.232:0
GET /static/stylesheets/main.9786b1b6.css HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:36 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-43bf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:36 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e41a912b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/6548.fe62fb73.js
104.18.30.232200 OK 0 B URL HTTP/2 www.8.ki/static/js/6548.fe62fb73.js
IP 104.18.30.232:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/6548.fe62fb73.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-2afde"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4ab952b4f3-OSL
X-Firefox-Spdy: h2
api.8.ki/vn888-ecp/api/v1/announcements?anntype=2
104.18.30.232200 OK 0 B URL HTTP/2 api.8.ki/vn888-ecp/api/v1/announcements?anntype=2
IP 104.18.30.232:0
Analyzer Verdict Alert fortinet Phishing
GET /vn888-ecp/api/v1/announcements?anntype=2 HTTP/1.1
Host: api.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:38 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
access-control-expose-headers: X-token-renew
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=hHYgOFO02RsfOWH4BtXl3bS7clJwR.xonEw0VHgjJl8-1662701678-0-AahmqPOHFspahWA1Xd/x8COCXVE0AXnlJsOH41hflYzfx8PRDmGqHR03HBCCVo6Tkm0ubCiC2085iYemBP+NfZY=; path=/; expires=Fri, 09-Sep-22 06:04:38 GMT; domain=.api.8.ki; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747d8e534def1c02-OSL
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Origin: https://www.8.ki
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:35 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 747d8e41bb5db515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.8.ki/static/js/7379.f1ca523e.js
104.18.30.232200 OK 0 B URL HTTP/2 www.8.ki/static/js/7379.f1ca523e.js
IP 104.18.30.232:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/7379.f1ca523e.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-faa6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a891fb4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/831.c351da50.js
104.18.30.232200 OK 0 B URL HTTP/2 www.8.ki/static/js/831.c351da50.js
IP 104.18.30.232:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/831.c351da50.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-9394"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a6903b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/static/js/9758.12328a50.js
104.18.30.232200 OK 0 B URL HTTP/2 www.8.ki/static/js/9758.12328a50.js
IP 104.18.30.232:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/9758.12328a50.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-3ab7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4aa943b4f3-OSL
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/2.ae17a60b.chunk.js
23.36.79.16200 OK 0 B URL HTTP/2 cdn.livechatinc.com/widget/static/js/2.ae17a60b.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
GET /widget/static/js/2.ae17a60b.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 10:40:49 GMT
x-amz-version-id: bpU.37FnIOPFeqPnyYN2_ycnjcD2Lb3N
server: AmazonS3
content-encoding: br
etag: W/"e6fe58bbd66bcb579db091bb3857594b"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 3CzK-RxW1JnZmyuVJcBUMOMRDMtnYZywDrWGZgKb98cID7y24BmM7w==
content-length: 94203
cache-control: max-age=31536000
expires: Sat, 09 Sep 2023 05:34:36 GMT
date: Fri, 09 Sep 2022 05:34:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.8.ki/static/js/125.20fe76ed.js
104.18.30.232200 OK 0 B URL HTTP/2 www.8.ki/static/js/125.20fe76ed.js
IP 104.18.30.232:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/125.20fe76ed.js HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:02:58 GMT
etag: W/"63187a62-14436"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
expires: Sat, 10 Sep 2022 05:34:37 GMT
cache-control: public, max-age=86400
server: cloudflare
cf-ray: 747d8e4a7905b4f3-OSL
X-Firefox-Spdy: h2
www.8.ki/cdn-cgi/rum?
104.18.30.232200 OK 0 B IP 104.18.30.232:0
POST /cdn-cgi/rum? HTTP/1.1
Host: www.8.ki
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.8.ki/
content-type: application/json
Content-Length: 39909
Origin: https://www.8.ki
Connection: keep-alive
Cookie: __cf_bm=imthMuVH8p6v3qp.6bh12OnJ_JOhgFZG8NQZoIt4lpA-1662701675-0-AXoUWMl7bUNeS/3SYK/LxOlCScm+LllKI2qqQajIFyW6mVLGNPQJiBPpcjOtzlU4LmiPrq+opnEfKi00v18Sla4=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 05:34:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.8.ki
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 747d8e62df93b4f3-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
IP 142.250.74.10:0
GET /css?family=Noto+Sans:400,700&subset=latin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 05:34:36 GMT
date: Fri, 09 Sep 2022 05:34:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2