cfwbvt.lweaklfb.top/
198.204.247.164 301 Moved Permanently 236 B IP 198.204.247.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab24acb884e98bf8d7a066792fb34add
eb26467de73e75d48ebe3c559b07dc2125485e51
f1b1757c7db195378f5b829711493a60fdc37ac9a3e8c8923f7f26f90e4ae778
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 02:32:53 GMT
Server: Apache
Location: https://cfwbvt.lweaklfb.top/
Content-Length: 236
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6414
Expires: Tue, 31 Jan 2023 04:19:47 GMT
Date: Tue, 31 Jan 2023 02:32:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8540
Expires: Tue, 31 Jan 2023 04:55:13 GMT
Date: Tue, 31 Jan 2023 02:32:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 01:35:50 GMT
content-type: application/json
age: 3423
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Tue, 31 Jan 2023 03:37:20 GMT
Date: Tue, 31 Jan 2023 02:32:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fDNh5GMZeECxc0ckvTsT00MPbCc3jsGRthMxbm2xZ3dh+NbS/EM5GLMrm1tQ7iqRWSMAvbl6GTk=
x-amz-request-id: WPF6P7KQB9PS281A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 02:22:02 GMT
age: 651
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:32:53 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 01:41:41 GMT
age: 3073
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d0319e80f00916935b613f6bdd0d2db
b6850f011010532d272c326ca7bc7876ded1e979
dc33ad9e3a20701ebff7a0c5a0b98583db065e57702a0e80046592c2c1d94b69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC33AD9E3A20701EBFF7A0C5A0B98583DB065E57702A0E80046592C2C1D94B69"
Last-Modified: Tue, 31 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Tue, 31 Jan 2023 08:32:10 GMT
Date: Tue, 31 Jan 2023 02:32:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7145
Expires: Tue, 31 Jan 2023 04:31:59 GMT
Date: Tue, 31 Jan 2023 02:32:54 GMT
Connection: keep-alive
push.services.mozilla.com/
44.228.1.109 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.1.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BFfG9hoXTCkN/qKHCvsb1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2bvUtqvUeF6jp+wnvW5/EHQwjC4=
cfwbvt.lweaklfb.top/
198.204.247.164 200 OK 7.4 kB IP 198.204.247.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (904), with CRLF, LF line terminators
Hash 91084da8704752b9ed41f908dae42eda
81a146ebcce78ee3502ae486a220f110de5c5795
d3c8c7a57d625b71f57c8112bd661f7d2c293f660f80a078e297ce7f389362bb
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:54 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7; path=/; domain=.cfwbvt.lweaklfb.top; secure; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/style_categories.css
198.204.247.164 200 OK 1.1 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/style_categories.css
IP 198.204.247.164:0
File type ASCII text, with CRLF line terminators
Hash 66c28253d79c285daeddc94aa4844aaa
43b4834d472b21adfb37499f5e66fd18294c1493
74981886a76a2a7c5df42d05dbd54cbaa3936e8723a35e149ad700e951598733
GET /includes/templates/pickhiup-003/css/style_categories.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:55:18 GMT
ETag: "420-5c65c76eba980"
Accept-Ranges: bytes
Content-Length: 1056
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/style_dropmenu.css
198.204.247.164 200 OK 1.6 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/style_dropmenu.css
IP 198.204.247.164:0
File type ASCII text, with CRLF line terminators
Hash a60f4e05a148dc7a6d89a8c205edda64
4f90a2888f52e5a668c1346f13b2d6261efea80f
9c66926328d47a1acdc19dff43fb03509045ff6f2b6466e459b17105b932a9f7
GET /includes/templates/pickhiup-003/css/style_dropmenu.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 03:46:00 GMT
ETag: "63d-58d87dd82ee00"
Accept-Ranges: bytes
Content-Length: 1597
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/style_footer.css
198.204.247.164 200 OK 72 B URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/style_footer.css
IP 198.204.247.164:0
File type ASCII text, with CRLF line terminators
Hash 7b90e2cfd2152ab18fc623d7d77bf1eb
49b78a50977fb982ce3f816a37a2d3cb6a2f79cc
2d24758c46985fb8b88fa83fd4eea71615f88c1b06affab673b32424d930cf95
GET /includes/templates/pickhiup-003/css/style_footer.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2016 07:25:28 GMT
ETag: "48-539b28db58a00"
Accept-Ranges: bytes
Content-Length: 72
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_cart.css
198.204.247.164 200 OK 8.2 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_cart.css
IP 198.204.247.164:0
File type ASCII text, with very long lines (794), with CRLF line terminators
Hash 2e1b3560fa2e1a2958128a83bea1253e
53394356cff7275f4ccf58652b3dac553f32f719
30acbe20121974fdd718779a803382945afc59e462e6363dac49494da24d6fe4
GET /includes/templates/pickhiup-003/css/stylesheet_cart.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 06:26:34 GMT
ETag: "1ff8-5cf63cac25a80"
Accept-Ranges: bytes
Content-Length: 8184
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_index_home.css
198.204.247.164 200 OK 3.3 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_index_home.css
IP 198.204.247.164:0
File type ASCII text, with very long lines (337), with CRLF line terminators
Hash 621542cc22d742ed03c4de8029d63942
9cf3f7ebfe17aa0448f1a1d1311beaa2700f9a89
0f5e4c83409a1f234bde04cf42f95003160d10269dd871968fe99dc14a6d2492
GET /includes/templates/pickhiup-003/css/stylesheet_index_home.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:56:44 GMT
ETag: "d0b-5c65c7c0beb00"
Accept-Ranges: bytes
Content-Length: 3339
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_l_cat.css
198.204.247.164 200 OK 221 B URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_l_cat.css
IP 198.204.247.164:0
Hash bd046a4e84a978c63d13d789fddbf3f1
6f27c9363231ea52723e3fb33c2792d2913465e0
8d6a8f6214cc2cd009d1afda866cccc6774e12ad9fb38579f1ac20ebb32cdce7
GET /includes/templates/pickhiup-003/css/stylesheet_l_cat.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Fri, 25 Feb 2022 03:56:48 GMT
ETag: "dd-5d8cfb01be000"
Accept-Ranges: bytes
Content-Length: 221
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/style_header.css
198.204.247.164 200 OK 1.8 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/style_header.css
IP 198.204.247.164:0
File type ASCII text, with CRLF line terminators
Hash 916d8e2475d05168013e91c018fae8e9
724d4d59d258e572385005b11311f83a45fab30f
46794a856fd8137525c13649fafa4c42dcf3c4ccdef66d22f834f718e85df4a2
GET /includes/templates/pickhiup-003/css/style_header.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 03:49:32 GMT
ETag: "716-58d87ea25cb00"
Accept-Ranges: bytes
Content-Length: 1814
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet.css
198.204.247.164 200 OK 8.2 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet.css
IP 198.204.247.164:0
File type ASCII text, with very long lines (776), with CRLF line terminators
Hash 15201889ac6f904bd9b9d4da0b66b252
615880ccbbe42f552b9e3c30668c40d5136a65e5
2399f2d6db8ef17f8e2e2a846f86ea50aefd32f5eda5e18c23c61d168fbec345
GET /includes/templates/pickhiup-003/css/stylesheet.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2021 08:12:58 GMT
ETag: "2022-5ccb950abb680"
Accept-Ranges: bytes
Content-Length: 8226
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_searchtop.css
198.204.247.164 200 OK 941 B URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_searchtop.css
IP 198.204.247.164:0
File type ASCII text, with CRLF line terminators
Hash 901602d91de36df9c7e7842d364e4c29
4f7847589e6bc9d21735340a3964af3acbacb9b3
228dd468ac2cbb5a955451c2ce47af5037074552e45590da58ba250201e33d2a
GET /includes/templates/pickhiup-003/css/stylesheet_searchtop.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 03:43:30 GMT
ETag: "3ad-58d87d4921c80"
Accept-Ranges: bytes
Content-Length: 941
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_related.css
198.204.247.164 200 OK 2.1 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_related.css
IP 198.204.247.164:0
File type ASCII text, with CRLF line terminators
Hash 3a7dda5510002c0d46f32aeec411a917
3bffe00d33e516c1e13730019ac4f3f54ea685d8
e8aae20b2e47e5925a8600e84d6b8effb5fa1c02f4eb50c822aa0dd76a7e4f96
GET /includes/templates/pickhiup-003/css/stylesheet_related.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 07:40:06 GMT
ETag: "820-58d8b22b7e180"
Accept-Ranges: bytes
Content-Length: 2080
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_css_buttons.css
198.204.247.164 200 OK 1.5 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_css_buttons.css
IP 198.204.247.164:0
File type ASCII text, with very long lines (1488), with no line terminators
Hash 3bdf7827184e7277f639f2ace8fab852
148d883c60e9055726476739cfba0ed555887cca
03f8aedeeadbdfb18521b9f92ed13e936e418dc166a155bd45256ccc0dc3515d
GET /includes/templates/pickhiup-003/css/stylesheet_css_buttons.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 08:43:00 GMT
ETag: "5d0-559af14670d00"
Accept-Ranges: bytes
Content-Length: 1488
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_tm.css
198.204.247.164 200 OK 25 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_tm.css
IP 198.204.247.164:0
File type Unicode text, UTF-8 text, with very long lines (680), with CRLF line terminators
Hash 5a0884b7203b9d7fee43b2cb82040c5c
2f9bc433d0bf49209d3809e72d3472c0602aae30
90a9d8489fc3112fecc9cb2b05717d29f54ea9313959f2348daec804d1f7e1f0
GET /includes/templates/pickhiup-003/css/stylesheet_tm.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2021 08:14:30 GMT
ETag: "6255-5ccb956278580"
Accept-Ranges: bytes
Content-Length: 25173
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_xt.css
198.204.247.164 200 OK 118 B URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_xt.css
IP 198.204.247.164:0
File type ASCII text, with CRLF line terminators
Hash bdb30231f4343c4e592aff36f9dab50f
f71c56bbb1e950642c362783621b84809a447d98
16da8a97403e93fbf96bb9ab31c93948bac10c7520766cdacc63044f7b57f657
GET /includes/templates/pickhiup-003/css/stylesheet_xt.css HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 09:58:14 GMT
ETag: "76-5c803caa7b980"
Accept-Ranges: bytes
Content-Length: 118
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 31 Jan 2023 03:30:53 GMT
Date: Tue, 31 Jan 2023 02:32:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 3017
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 19771
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 7194
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HkhlfofiCFusEluIswICaWL-lR_nnmhszPSRTqZL_tRixYUUqlUZ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
age: 17022
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 17075
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 2181
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_06.jpg
198.204.247.164 200 OK 42 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_06.jpg
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:12:19 17:24:54], baseline, precision 8, 78x18, components 3\012- data
Hash 0820dc906e6c808beae4e516dc0355e7
f48ee6f420d85300605b1934ce7bdc267bd61cc0
41cf4c108e0c961741e9d8f4a2120ede81f68b174569621c907e3d81f8b5584e
GET /includes/templates/pickhiup-003/images/left_weekly_06.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Wed, 19 Dec 2012 09:24:56 GMT
ETag: "a339-4d1313003ca00"
Accept-Ranges: bytes
Content-Length: 41785
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_05.jpg
198.204.247.164 200 OK 41 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_05.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:11:22 17:45:09], baseline, precision 8, 78x18, components 3\012- data
Hash 08c98bbc1bb425cd57d8912ed2c4cacc
0980085b7e185b4ad72c00ef56b7aa3b7c11beb2
34d55bd60226c8129cd75bffc1dea263294d4e24e54469954adc098ac3dd9610
GET /includes/templates/pickhiup-003/images/left_weekly_05.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2012 06:12:56 GMT
ETag: "a01c-4d11a63872a00"
Accept-Ranges: bytes
Content-Length: 40988
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_07.jpg
198.204.247.164 200 OK 41 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_07.jpg
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:12:19 17:25:12], baseline, precision 8, 78x18, components 3\012- data
Hash 2837076f10e62e5c5316ce533551898d
f5e30142886cb420934a79bb83d40f2b5059a01d
c5f055b416d0dcf35ba30685e41f94e14e3e1182283924763dcbaf04ab4745f9
GET /includes/templates/pickhiup-003/images/left_weekly_07.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Wed, 19 Dec 2012 09:25:14 GMT
ETag: "a17f-4d13131167280"
Accept-Ranges: bytes
Content-Length: 41343
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003//jscript/jquery1.9.1.js
198.204.247.164 200 OK 93 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003//jscript/jquery1.9.1.js
IP 198.204.247.164:0
File type ASCII text, with very long lines (32089), with CRLF line terminators
Hash 383771ef1692bfcc3f2b6917ca985778
a1ce0bfa507f23cc414a9a7634bd73b994bb3b35
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
Analyzer Verdict Alert fortinet Malware
GET /includes/templates/pickhiup-003//jscript/jquery1.9.1.js HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:55 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2016 07:18:10 GMT
ETag: "169d9-53939c08df080"
Accept-Ranges: bytes
Content-Length: 92633
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/logo.gif
198.204.247.164 200 OK 3.1 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/logo.gif
IP 198.204.247.164:0
File type GIF image data, version 89a, 199 x 69\012- data
Hash b5c1b05eb0ec5616e6ac0dc518bd0349
9ddb81fc187e208129d6523c98184981516bd39a
59a7dbf940e23f80f85833153639ed3ad304827830a00119165dbc418022faea
GET /includes/templates/pickhiup-003/images/logo.gif HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 03:39:30 GMT
ETag: "bfd-58d87c6440080"
Accept-Ranges: bytes
Content-Length: 3069
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/icon_search.png
198.204.247.164 200 OK 3.6 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/icon_search.png
IP 198.204.247.164:0
File type PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced\012- data
Hash e23597d1438fc031aaa277d774974ddf
507efa327d1ab542fcad1e7e148ccc3f2f0b0ef9
fd8c1e9f1059894420036910c36e07e09671e6b12f8a5ba6cd38954f7c17c02d
GET /includes/templates/pickhiup-003/images/icon_search.png HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_searchtop.css
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 08:42:16 GMT
ETag: "de0-559af11c7aa00"
Accept-Ranges: bytes
Content-Length: 3552
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTYxNjI1NjAxNjVfMS5qcGc=
198.204.247.164 200 OK 60 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTYxNjI1NjAxNjVfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash a7cd5b5de7bc971b382a53156562f5c7
6a24840e5437157d1d4f1447b565d916bd25dbbb
dc3662a1a7c4649c1ace39642510066265e18490debba915dca5c07e47b4a4c6
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTYxNjI1NjAxNjVfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/conbini-1.gif
198.204.247.164 200 OK 12 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/conbini-1.gif
IP 198.204.247.164:0
File type GIF image data, version 89a, 1000 x 135\012- data
Hash 712d1cc504b1e779c5fbfb035b4da904
30e4904ad4aa13c409ea48304e38adba59298122
d7bf85b5a72044462fc366442d1f68763017bee327332e49c2b5384f2a1a2394
GET /includes/templates/pickhiup-003/images/conbini-1.gif HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 03:23:54 GMT
ETag: "2f94-58d878e79c680"
Accept-Ranges: bytes
Content-Length: 12180
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/imgrc0068853650.gif
198.204.247.164 200 OK 4.5 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/imgrc0068853650.gif
IP 198.204.247.164:0
File type GIF image data, version 89a, 163 x 69\012- data
Hash e6cbfd20a6e19bd2be5e696ff26387a2
8acb02aee28a86918de0df3e424dbf703e3a2746
c1a86c06e7093c59e01d4f8d886f9ae4bcc85ca691ceea2a6439f2de89de429b
GET /includes/templates/pickhiup-003/images/imgrc0068853650.gif HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 03:48:34 GMT
ETag: "118e-58d87e6b0c880"
Accept-Ranges: bytes
Content-Length: 4494
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left-nav-01.jpg
198.204.247.164 200 OK 36 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left-nav-01.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 250x229, components 3\012- data
Hash 121360dda6d77a838e114b49dd716b77
b31b35a009715388a3ae57433c013d4fab249cfd
e00c8d16348265cdf045be499f7d5df52a18fd0e66a6c78d3799826a98c608cf
GET /includes/templates/pickhiup-003/images/left-nav-01.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
Last-Modified: Tue, 14 May 2019 07:09:08 GMT
ETag: "8b6c-588d3b57e8d00"
Accept-Ranges: bytes
Content-Length: 35692
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/ichiran1000_200.jpg
198.204.247.164 200 OK 85 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/ichiran1000_200.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=200, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 1000x200, components 3\012- data
Hash 1331dccc6e3926f515ae184054f2d545
0471790f16167bc11723da8536c290bc5d2a6439
41afdd63fa3d3754ec5d02e8a22deb0a2148070aeb715a070513c6968302eb32
GET /includes/templates/pickhiup-003/images/ichiran1000_200.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2021 07:57:02 GMT
ETag: "14b6a-5ccb917b04f80"
Accept-Ranges: bytes
Content-Length: 84842
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/1200_evt190618.jpg
198.204.247.164 200 OK 134 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/1200_evt190618.jpg
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x628, components 3\012- data
Size 134 kB (133491 bytes)
Hash ddc99b7d968d84ae15535e8d6abf87dd
444bf13bf8e9e175db279c30cb2e99516ec370d9
f2e30dd28f6df89354abd5639a456494df2cff6940c6d1eac3aa4e448397a859
GET /includes/templates/pickhiup-003/images/1200_evt190618.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 03:19:30 GMT
ETag: "20973-58caa367c5480"
Accept-Ranges: bytes
Content-Length: 133491
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzY4NTI1ODE3MzlfMS5qcGc=
198.204.247.164 200 OK 75 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzY4NTI1ODE3MzlfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 07599bfb8bf1e9a0aa9137ebed137d24
1ea7716329e2ff75d437fed661db2df362eb93e2
a28be3c2398e3415643d3fd57136b6252e60c37d34213c89c17e7040e60925a7
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzY4NTI1ODE3MzlfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzY5NTU1NzgxNThfMS5qcGc=
198.204.247.164 200 OK 56 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzY5NTU1NzgxNThfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash e44128e5855d6c1f97b98343b711ad4b
2917e29c57fc0e3d961b684a3307bb37e230d4e1
c9fd14b605f93761c56803a4c8b45af7fcf6194c12f3fc8224779503e62b5229
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzY5NTU1NzgxNThfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDUyNjAzNzk1OTZfMS5qcGc=
198.204.247.164 200 OK 55 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDUyNjAzNzk1OTZfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 637043456c70f1ed5dc84de5606f2cad
6b72dd3db0206de59d81e7587f29b75bc0af96c3
506ded1eb4df9b9f6b755b7b2ab712686f1992c8bf43155422ca1f10fa4dd988
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDUyNjAzNzk1OTZfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODEzNjI0MjY5MzNfMS5qcGc=
198.204.247.164 200 OK 60 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODEzNjI0MjY5MzNfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 93d8d51ecc2c172a06c0b1346d89b548
12116ae297fe100ef5dbe696abe775d853c4d32e
c6acf296193b4f6138a9c219f16fb969f55cd579c1dc60489bfb9ec1b56abc76
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODEzNjI0MjY5MzNfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTM2MzI0MjUwNzVfMS5qcGc=
198.204.247.164 200 OK 50 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTM2MzI0MjUwNzVfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash edb3895f79658f260b657eb6f0463f77
14283533defaae4e3f0d954c1590acf1cd42517e
a9bf612609adf0db78066555ff125602882b7b5fe868ebb6043f8dfffcddca2d
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTM2MzI0MjUwNzVfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjI1MzAzOTA3NjJfMS5qcGc=
198.204.247.164 200 OK 142 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjI1MzAzOTA3NjJfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1067x865, components 3\012- data
Size 142 kB (141808 bytes)
Hash b1af86e5530edb52f0e0414dbb66b328
7e3a37256eef18afa2c716b5be6c93e82c277ffa
e566aeba75aa59bec06fd634ccd68a32acabefec10bbd2af18275f0a39489c57
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjI1MzAzOTA3NjJfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODM1NjM3MjQyOTNfMS5qcGc=
198.204.247.164 200 OK 27 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODM1NjM3MjQyOTNfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 478x720, components 3\012- data
Hash 71b2195dad17f815dee297eab810eff6
0ee04de909501b064ffa1074249d9b54757ea676
2bd0a8a5b6a6d9da91c39b806cd2e66b17cc9a14a34f423b4a98922fbdf85859
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODM1NjM3MjQyOTNfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/b978main.jpg
198.204.247.164 200 OK 19 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/b978main.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=340, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=796], baseline, precision 8, 796x50, components 3\012- data
Hash ce2880196e8d3ed317ed598e92dca260
a45a1714e56cfa2f2bbead1d177a3d4bae021a63
2027358247eb3d7b5f5161f7927ade472776462934551c851b020eefd77758aa
GET /includes/templates/pickhiup-003/images/b978main.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_tm.css
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 06:07:22 GMT
ETag: "489b-58d89d713fa80"
Accept-Ranges: bytes
Content-Length: 18587
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTMwNjE3Mzg1NDdfMS5qcGc=
198.204.247.164 200 OK 60 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTMwNjE3Mzg1NDdfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 9d8611f8cc83b9c305cffa84318bf298
cd9d1b1a47509b9e1017be8680f236e8118493a1
a7b955368e75e17aeb6848c5eb13144ac8dc7a224f3657f7c8a7d8c341dbebca
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTMwNjE3Mzg1NDdfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTcxNDEwMjY4MzFfMS5qcGc=
198.204.247.164 200 OK 68 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTcxNDEwMjY4MzFfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash de618ec5dfc8e85667e77149165dab06
5cfafca87c162aca369fea70ac317048ceb38c9d
88670a59039894dad72d3577d7f54381d8cfe708746ef49252f66b27859c0d74
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTcxNDEwMjY4MzFfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg0OTgxNTIyNDFfMS5qcGc=
198.204.247.164 200 OK 68 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg0OTgxNTIyNDFfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash c7e904224bb9f25602b27a5d711e610a
4cea8db0e914706543102f323d6a22e92f9674b7
0eb0e7b1056f3d4921e823847e545fcb52ccfca1f401968760de5a3537999c26
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg0OTgxNTIyNDFfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTIyNjc4MzIxNDZfMS5qcGc=
198.204.247.164 200 OK 112 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTIyNjc4MzIxNDZfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x547, components 3\012- data
Size 112 kB (112526 bytes)
Hash 6a55be4372347905b227c2423724a246
849a4798ff4eb9be7de0727192a8b269b773bbba
13ba84b07adf38617dbec1221b551cf97d052ea1959c2ac9d1e91515468cc167
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTIyNjc4MzIxNDZfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDA0NjcxOTY5NjhfMS5qcGc=
198.204.247.164 200 OK 154 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDA0NjcxOTY5NjhfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 154 kB (153861 bytes)
Hash b0549f4670c9f70f01a4f531c3fb50ea
2ff34e71d78d8f143d695bcfb09a96253bc1c63b
e6ecf6f0bbb7d8fffb8123417adc29a256ec62f9b6de99e2d6acbf6fa821f7bf
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDA0NjcxOTY5NjhfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjQ5MDQ5MjkzNzRfMS5qcGc=
198.204.247.164 200 OK 154 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjQ5MDQ5MjkzNzRfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 154 kB (153676 bytes)
Hash 1b27418a1573070c8ceb50bd6c4b907c
d6a90d2267361fa52224377b419e9359019d9510
f2d2b6a10e4e6140d12b52dad436cbcc688e68fbad960f67b3d7f2588d2bbe7e
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjQ5MDQ5MjkzNzRfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/f_mark01.jpg
198.204.247.164 200 OK 4.4 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/f_mark01.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 4x5, components 3\012- data
Hash 54d5b502ca667d1ef93e7ab1a2f68dc0
433eb873dc00db343b8fe486ba52e6412f8eb753
6bcbde3dc2aff24bca666a6ede58e709b74a255b0ee34ae088c32227b1238c30
GET /includes/templates/pickhiup-003/images/f_mark01.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/css/stylesheet_tm.css
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Fri, 28 Aug 2020 01:53:40 GMT
ETag: "111c-5ade652653100"
Accept-Ranges: bytes
Content-Length: 4380
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzUzMjA0OTU1ODJfMS5qcGc=
198.204.247.164 200 OK 56 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzUzMjA0OTU1ODJfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 676x720, components 3\012- data
Hash ca367406a0100d795bf9a50c26e4b898
b19f830e6d5d4d8bfbae4c63fd1b7a4bac696423
c147797e2b1c75d0b7c46048253f10ce25adfb109d65cbc2ad6a1a3845e9abe4
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzUzMjA0OTU1ODJfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDgyNDYzNDY5MTZfMS5qcGc=
198.204.247.164 200 OK 246 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDgyNDYzNDY5MTZfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x810, components 3\012- data
Size 246 kB (245689 bytes)
Hash 23f423feca996aa6c479427b6f917d9e
2f3ad0a6ce8dc068d61740bcadea1a4de283484e
6b0f97eb55dac448d875fbba31dc82f6c7bb172f95f82208aab20775dc0204a3
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDgyNDYzNDY5MTZfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDc0MjM5ODc3MjhfMS5qcGc=
198.204.247.164 200 OK 191 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDc0MjM5ODc3MjhfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 191 kB (190802 bytes)
Hash df26aa862f3d026a2323140eda28fc4e
c57272b86f37c22be6bc1745a959375d1ac88dc1
f3572bda32c3941b76b8ee47021e3c7f961faffb7b3344d5bf7e914a62b99ace
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDc0MjM5ODc3MjhfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_02.jpg
198.204.247.164 200 OK 40 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_02.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:11:22 17:44:49], baseline, precision 8, 78x18, components 3\012- data
Hash 7019e6e43fac6e8f7bfa542cc111a6b1
405e2987f5d61859973a4436f0c4fdea65bffd49
0d240e865b6fd63e24157f0a39f10737e5ca2610a77819ccc3fed82cc99fca92
GET /includes/templates/pickhiup-003/images/left_weekly_02.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2012 06:13:00 GMT
ETag: "9a6a-4d11a63c43300"
Accept-Ranges: bytes
Content-Length: 39530
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_03.jpg
198.204.247.164 200 OK 41 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_03.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:11:22 17:47:10], baseline, precision 8, 78x18, components 3\012- data
Hash f8e353940b38add49d026a45685faa6a
14ffd5ceee24612c61e09f684b47a97a2e9b5825
15a755ac055423e9467631395e0b07da764034dee14b82d307513fa8f0e60925
GET /includes/templates/pickhiup-003/images/left_weekly_03.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2012 06:12:52 GMT
ETag: "a05c-4d11a634a2100"
Accept-Ranges: bytes
Content-Length: 41052
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzk3OTY1NzAwNzFfMS5qcGc=
198.204.247.164 200 OK 117 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzk3OTY1NzAwNzFfMS5qcGc=
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 117 kB (117245 bytes)
Hash 89dfc9d1b14c0e71304ddda47fb40dcc
c3e79782c06b86a00303531ce5ce77a223689572
52c5e675b08b8b31a8bfe40feb8ab4a948a584da7c69ea0889a6e11bfd25d306
Analyzer Verdict Alert fortinet Malware
GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzk3OTY1NzAwNzFfMS5qcGc= HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_01.jpg
198.204.247.164 200 OK 41 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_01.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:11:22 17:44:39], baseline, precision 8, 78x18, components 3\012- data
Hash 02a2757e955b101df85f69500489e852
314dbaaeccb271e91cb8c65d62b6fa19b2f64ac9
f7d923e5be6412370461410db00a48779f0cba8593d85aa8822c380d1b784986
GET /includes/templates/pickhiup-003/images/left_weekly_01.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2012 06:12:56 GMT
ETag: "a0c4-4d11a63872a00"
Accept-Ranges: bytes
Content-Length: 41156
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_09.jpg
198.204.247.164 200 OK 42 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_09.jpg
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:12:19 17:26:12], baseline, precision 8, 78x18, components 3\012- data
Hash aa647b4825d7e47db74243cb527e98d8
39218808dfa99d96803344fcbc35cb3ae9d785ce
eadc4de64ab3629dea7863e22aa0994d7f90422ca6f7d26162e18bad25b7acee
GET /includes/templates/pickhiup-003/images/left_weekly_09.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Wed, 19 Dec 2012 09:26:14 GMT
ETag: "a228-4d13134a9f980"
Accept-Ranges: bytes
Content-Length: 41512
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_04.jpg
198.204.247.164 200 OK 41 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_04.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:11:22 17:44:59], baseline, precision 8, 78x18, components 3\012- data
Hash 06bcb86a01a5a4508f8d3b6bb9f26240
20f580d13770dd6b56c3951321578eb76fd29170
43ba13608729d04ef982f4228877bd50c9d5a5f306e66509dbd03d32affd6dbb
GET /includes/templates/pickhiup-003/images/left_weekly_04.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2012 06:12:52 GMT
ETag: "9fc1-4d11a634a2100"
Accept-Ranges: bytes
Content-Length: 40897
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_010.jpg
198.204.247.164 200 OK 42 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_010.jpg
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:12:19 17:27:17], baseline, precision 8, 78x18, components 3\012- data
Hash 8df1e03959193f01004fafe50f8e5052
cc3e1d832c4fbbdacec1da1089f3e995ce86a3df
9e01bf405d826f76a3602a266baa2add357c6f708aeddd310470bd33cf6d587d
GET /includes/templates/pickhiup-003/images/left_weekly_010.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Wed, 19 Dec 2012 09:27:18 GMT
ETag: "a4e5-4d131387a8980"
Accept-Ranges: bytes
Content-Length: 42213
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_08.jpg
198.204.247.164 200 OK 42 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/left_weekly_08.jpg
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:12:19 17:25:36], baseline, precision 8, 78x18, components 3\012- data
Hash 7776fa9254dc262857458d35ce212829
06cbeb6771ed67a24bb6a551efab654bd36bbc71
07dc6bc382e95a57f5c2ec8ca0733861d25d88ba6850e439d2a3257661ef1f85
GET /includes/templates/pickhiup-003/images/left_weekly_08.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Wed, 19 Dec 2012 09:25:38 GMT
ETag: "a21f-4d1313284a880"
Accept-Ranges: bytes
Content-Length: 41503
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/common/all_yj.png
198.204.247.164 200 OK 21 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/common/all_yj.png
IP 198.204.247.164:0
File type PNG image data, 320 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 4193f1572e5a0c95125efbef8399c1f0
e60cb3f02b750ecf1be080eecf75cfbcac54eb36
323709d7cc5d328379211d091df52e375910d7c62009fff85b20e4254880d208
GET /includes/templates/pickhiup-003/images/common/all_yj.png HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Mon, 18 Feb 2019 03:24:16 GMT
ETag: "5152-58222a8cc1800"
Accept-Ranges: bytes
Content-Length: 20818
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/ostp_side_082re.jpg
198.204.247.164 200 OK 68 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/ostp_side_082re.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 225x267, components 3\012- data
Hash 7d7695b2b1a6ec2a62bb655b36ee396e
9b3e33221538f84ecf0cf73d3d2ce87eadd7c43b
e164a9ffd6d502f088153c85cba236cf845084396471fbb11c9a5a4560f0ebe6
GET /includes/templates/pickhiup-003/images/ostp_side_082re.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Tue, 02 Jul 2019 03:31:00 GMT
ETag: "10a55-58caa5f9ce500"
Accept-Ranges: bytes
Content-Length: 68181
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/tana0707-icon.gif
198.204.247.164 200 OK 14 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/tana0707-icon.gif
IP 198.204.247.164:0
File type GIF image data, version 89a, 600 x 240\012- data
Hash 128cf7c7391e440ae14e6bd6097fb309
b7f2bb693ade8e92bca91d43f656c08e74fa45b7
d531f0ce42ae45e26ece853759360c60b81a98417087aeca60b546aac0450e2e
GET /includes/templates/pickhiup-003/images/tana0707-icon.gif HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 03:54:58 GMT
ETag: "34a5-58d87fd942880"
Accept-Ranges: bytes
Content-Length: 13477
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/phadua.jpg
198.204.247.164 200 OK 130 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/phadua.jpg
IP 198.204.247.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 950x320, components 3\012- data
Size 130 kB (129601 bytes)
Hash 44967b23c6c1eaf0f277b2b39a6e6a64
91036eb1212613f19cd064fd7e4f7c79f02d4c22
1b699bcaccfcad70b7ab37fee3c61cc4e3fd4037bfc9e37223cea0e23139ffb7
GET /includes/templates/pickhiup-003/images/phadua.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Sat, 06 Jul 2019 02:13:54 GMT
ETag: "1fa41-58cf9c33f3c80"
Accept-Ranges: bytes
Content-Length: 129601
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/henpin_f.png
198.204.247.164 200 OK 305 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/henpin_f.png
IP 198.204.247.164:0
File type PNG image data, 800 x 271, 8-bit/color RGBA, non-interlaced\012- data
Size 305 kB (305376 bytes)
Hash 1ad77e2c77960ac745632ed34a3c7e53
a8b32ed0e9fada138be69042f3edce834e2bf120
76f48762922a6f84bc071a4faa0f9b1a77503ab783dc94d796979adbfe485fc3
GET /includes/templates/pickhiup-003/images/henpin_f.png HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 06:11:54 GMT
ETag: "4a8e0-58d89e74a5e80"
Accept-Ranges: bytes
Content-Length: 305376
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/f_deli_time.jpg
198.204.247.164 200 OK 13 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/includes/templates/pickhiup-003/images/f_deli_time.jpg
IP 198.204.247.164:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 325x65, components 3\012- data
Hash 6f66d8de2d787cfc513c69bc7c5416eb
536a6b6353772532c8a808f487a8d7bc776751c5
4acfac6ad03989c08cbcfe81bb7a417754f49cbd4ba982c4bbffebfb2ea0868a
GET /includes/templates/pickhiup-003/images/f_deli_time.jpg HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Sat, 13 Jul 2019 07:10:06 GMT
ETag: "33e1-58d8ab76e0f80"
Accept-Ranges: bytes
Content-Length: 13281
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
cfwbvt.lweaklfb.top/favicon.ico
198.204.247.164 200 OK 5.4 kB URL HTTP/1.1 cfwbvt.lweaklfb.top/favicon.ico
IP 198.204.247.164:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash e3d999162d3300c9a0ccc5ad15f1c178
1a2819cd98932ff9f5fdb9e4db4b6706b7474353
5433b42817d81ae9ffdb614e37e90e757bce6959340c47a3d22ebe99c83c74af
GET /favicon.ico HTTP/1.1
Host: cfwbvt.lweaklfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfwbvt.lweaklfb.top/
Cookie: zenid=c0okg2dv4o3eo64ipt03mbloq7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:32:57 GMT
Server: Apache
Last-Modified: Thu, 28 Dec 2017 23:11:02 GMT
ETag: "1536-5616ea12e0d80"
Accept-Ranges: bytes
Content-Length: 5430
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fc180ec5b99ac357db8775775c3c11
c9856a488e82bc330881377528bf2e53274ef5f3
a31fd6fc84f79b0f5fb79cccf490ddf61eb58bdaf57ca27f57a911332e550d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5394
x-amzn-requestid: 16d876fb-0afd-4b5d-b19e-1029506fd6f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIgq2E4CIAMFiFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce178-1f08dc2105b6e182677004e7;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 36E3JCGqpkeMmb_fzM0DTb24ElUMGDdikE1IdqQABDlbT28XRs7B-w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 11:52:37 GMT
age: 52825
etag: "c9856a488e82bc330881377528bf2e53274ef5f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2