ww16.weare.hk/search/tsc.php?200=NDE2MDkwMjE1&21=OTEuOTAuNDIuMTU0&681=MTY4Mzg3NjI3ODM0NjBjMDMzNzQzMmRlOTU2NmMwNWY0YzMxM2QxYzFl&crc=74eb7a99ecf550f1b0afd7113f260f49a31d6648&cv=1
91.195.240.85 0 B URL ww16.weare.hk/search/tsc.php?200=NDE2MDkwMjE1&21=OTEuOTAuNDIuMTU0&681=MTY4Mzg3NjI3ODM0NjBjMDMzNzQzMmRlOTU2NmMwNWY0YzMxM2QxYzFl&crc=74eb7a99ecf550f1b0afd7113f260f49a31d6648&cv=1
IP 91.195.240.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDE2MDkwMjE1&21=OTEuOTAuNDIuMTU0&681=MTY4Mzg3NjI3ODM0NjBjMDMzNzQzMmRlOTU2NmMwNWY0YzMxM2QxYzFl&crc=74eb7a99ecf550f1b0afd7113f260f49a31d6648&cv=1 HTTP/1.1
Host: ww16.weare.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww16.weare.hk/?sub1=20230504-1731-3026-89b2-7da635990868
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 07:24:39 GMT
server: NginX
x-cache-miss-from: parking-67fcc494f5-6zf9x
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a751578070df42883be2e2052b9a30d0
ed246e5df87ff6583c9f2dd7b089c166d368ef08
ef577ecefaca2cb07342c900672ae8c0e9c9e8c8570b28aba81a10f144970bc1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 12 May 2023 07:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 16 May 2023 04:55:44 GMT
ETag: "ed246e5df87ff6583c9f2dd7b089c166d368ef08"
Last-Modified: Fri, 12 May 2023 04:55:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2361
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c60ec580902b511-OSL
ww16.weare.hk/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DigsmTN2i8yk_0&v=YWY5MjAyY2JlOTM0N2JiMWUwNTJiMWZhMzc3OTRhMjQJMQl3dzE2LndlYXJlLmhrNjQ1ZGU5YjVhNzc1YTMuMTA3NDk1MTkJd3cxNi53ZWFyZS5oazY0NWRlOWI1YTc3ODU3LjY5MTU1MzcyCTE2ODM4NzYyNzgJYWRfNjNfMA==&l=OAk2NTEwZDhmMGU1ZjM4YjE2OWY5YmRkMzc5OTNiYzdkZQkwCTM1CTAJZTc1YmQ1ZTM0NTY2Njc0ZTU4OWMxZjAwMTg0NDBmOTEJNDE2MDkwMjE1CXdlYXJlCTAJNjMJNgkyCTE2ODM4NzYyNzgJMC4wMDA1NTYJTgkwCTAJMAkxMjA1CTkzMDI1OTM2CTkxLjkwLjQyLjE1NAkx
91.195.240.85 0 B URL ww16.weare.hk/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DigsmTN2i8yk_0&v=YWY5MjAyY2JlOTM0N2JiMWUwNTJiMWZhMzc3OTRhMjQJMQl3dzE2LndlYXJlLmhrNjQ1ZGU5YjVhNzc1YTMuMTA3NDk1MTkJd3cxNi53ZWFyZS5oazY0NWRlOWI1YTc3ODU3LjY5MTU1MzcyCTE2ODM4NzYyNzgJYWRfNjNfMA==&l=OAk2NTEwZDhmMGU1ZjM4YjE2OWY5YmRkMzc5OTNiYzdkZQkwCTM1CTAJZTc1YmQ1ZTM0NTY2Njc0ZTU4OWMxZjAwMTg0NDBmOTEJNDE2MDkwMjE1CXdlYXJlCTAJNjMJNgkyCTE2ODM4NzYyNzgJMC4wMDA1NTYJTgkwCTAJMAkxMjA1CTkzMDI1OTM2CTkxLjkwLjQyLjE1NAkx
IP 91.195.240.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DigsmTN2i8yk_0&v=YWY5MjAyY2JlOTM0N2JiMWUwNTJiMWZhMzc3OTRhMjQJMQl3dzE2LndlYXJlLmhrNjQ1ZGU5YjVhNzc1YTMuMTA3NDk1MTkJd3cxNi53ZWFyZS5oazY0NWRlOWI1YTc3ODU3LjY5MTU1MzcyCTE2ODM4NzYyNzgJYWRfNjNfMA==&l=OAk2NTEwZDhmMGU1ZjM4YjE2OWY5YmRkMzc5OTNiYzdkZQkwCTM1CTAJZTc1YmQ1ZTM0NTY2Njc0ZTU4OWMxZjAwMTg0NDBmOTEJNDE2MDkwMjE1CXdlYXJlCTAJNjMJNgkyCTE2ODM4NzYyNzgJMC4wMDA1NTYJTgkwCTAJMAkxMjA1CTkzMDI1OTM2CTkxLjkwLjQyLjE1NAkx HTTP/1.1
Host: ww16.weare.hk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww16.weare.hk/?sub1=20230504-1731-3026-89b2-7da635990868
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 07:24:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 12 May 2023 07:24:39 GMT
location: /search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DigsmTN2i8yk_0&v=YWY5MjAyY2JlOTM0N2JiMWUwNTJiMWZhMzc3OTRhMjQJMQl3dzE2LndlYXJlLmhrNjQ1ZGU5YjVhNzc1YTMuMTA3NDk1MTkJd3cxNi53ZWFyZS5oazY0NWRlOWI1YTc3ODU3LjY5MTU1MzcyCTE2ODM4NzYyNzgJYWRfNjNfMA==&l=OAk2NTEwZDhmMGU1ZjM4YjE2OWY5YmRkMzc5OTNiYzdkZQkwCTM1CTAJZTc1YmQ1ZTM0NTY2Njc0ZTU4OWMxZjAwMTg0NDBmOTEJNDE2MDkwMjE1CXdlYXJlCTAJNjMJNgkyCTE2ODM4NzYyNzgJMC4wMDA1NTYJTgkwCTAJMAkxMjA1CTkzMDI1OTM2CTkxLjkwLjQyLjE1NAkx
pragma: no-cache
server: NginX
x-cache-miss-from: parking-67fcc494f5-rzf52
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226 1.4 kB URL ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash fb564ee50ec2939bf3860321ec4f60c8
f92bb3dc847c23c97aa3ef9d3762b7f12622a68d
8b27586589fcd8b2be502ceda59738822cbda83ba8fa800b3832298864ecc20f
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 12 May 2023 07:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 16 May 2023 06:51:01 GMT
ETag: "f92bb3dc847c23c97aa3ef9d3762b7f12622a68d"
Last-Modified: Fri, 12 May 2023 06:51:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c60ec5b2dc2b511-OSL
xml.sedodna.com/click?i=igsmTN2i8yk_0
173.239.53.32 0 B URL xml.sedodna.com/click?i=igsmTN2i8yk_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=igsmTN2i8yk_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww16.weare.hk/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 12 May 2023 07:24:39 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://thale-gds.com/zcvisitor/0d73b1c5-f096-11ed-bac8-0a51f34be38b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e1920750-cd68-11ed-857c-0a918cbcbb97
Pragma: no-cache
ocsp.r2m01.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash 85639d218621a096d5865b06878bf28c
fde97336150eb3830fe95482d7da604bdf9640ad
682c81005a2279d4b475af82c9b167c83892464cb9eeffa0171fcc333328036c
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119040
Date: Fri, 12 May 2023 07:24:40 GMT
Etag: "645d0067-1d7"
Expires: Sat, 13 May 2023 16:28:40 GMT
Last-Modified: Thu, 11 May 2023 14:49:11 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1gSGwlO0EQN92AFobNIHyOXNIaPkyqrPxMzONr9gkg7Iz2kRlmwfhw==
Age: 5969
thale-gds.com/favicon.ico
34.238.227.119 653 B URL thale-gds.com/favicon.ico
IP 34.238.227.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: thale-gds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thale-gds.com/zcredirect?visitid=0d73b1c5-f096-11ed-bac8-0a51f34be38b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Fri, 12 May 2023 07:24:40 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: aTVJwMkO
X-Firefox-Spdy: h2
go.proffering.xyz/15GUIL?zoneid=porraceous-llama&campaignid=2069719&target=juliet-foy-vzyxd8el74&cost=0.001050&external_id=NON-ADULT
20.113.67.50 312 B URL go.proffering.xyz/15GUIL?zoneid=porraceous-llama&campaignid=2069719&target=juliet-foy-vzyxd8el74&cost=0.001050&external_id=NON-ADULT
IP 20.113.67.50:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (312), with no line terminators
Hash 75898ea7ae7b996b66f37ba7e9a855a6
f153528724f1f0af9213db458942d4e746a038db
4c1074a71b42aadce221b144caacd8695e65829f0cf8147419a6b924530b1c05
GET /15GUIL?zoneid=porraceous-llama&campaignid=2069719&target=juliet-foy-vzyxd8el74&cost=0.001050&external_id=NON-ADULT HTTP/1.1
Host: go.proffering.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thale-gds.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Fri, 12 May 2023 07:24:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 312
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GUILo=20230512101683877023447; domain=.go.proffering.xyz; path=/;expires=Sat, 13 May 2023 07:24:41 GMT; httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GUIL; domain=.go.proffering.xyz; path=/;expires=Sat, 13 May 2023 07:24:41 GMT; httpOnly=true;SameSite=None; Secure;
peerclickcid=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512; domain=.go.proffering.xyz; path=/;expires=Sat, 13 May 2023 07:24:41 GMT; httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.go.proffering.xyz; path=/;expires=Sat, 13 May 2023 07:24:41 GMT; httpOnly=true;SameSite=None; Secure;
Location: https://qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=parkdom&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512
Vary: Accept
qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=parkdom&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512
104.21.94.247 0 B URL qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=parkdom&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512
IP 104.21.94.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=parkdom&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512 HTTP/1.1
Host: qwfuu.altairaquilae.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thale-gds.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 12 May 2023 07:24:41 GMT
content-length: 0
location: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
set-cookie: W7-lkuObDEWXzHM4LgqUhA=19; max-age=345600; path=/; samesite=lax
__pl=99af7003-6433-4c7f-8d17-1da84cb75bf8; expires=Mon, 12 May 2025 07:24:41 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXp4IiNJnuuxF8A4wQGcfK9R02lm1PMPMPlhaBXlLyT1fLoSC0dTYchLHKPE8PUZ0qzQMCIquRPr%2FAFuljrYaBIX%2Bjy1%2Bq1aQltVMi1LQ%2BDBmhpQiqTh7ME5xX%2FYub%2FF%2F3T3vvzfLq53TA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c60ec666c160b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
qwfuu.crystalcrafter.top/ph-new/assets/thumb-big.jpg
104.21.7.3 83 kB URL qwfuu.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Hash cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:41 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3145
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHLCUSeAxSsAEguPYEuxzL0pT8rKpWdCg7R44X5VJ8pZj%2F85rzS8aVkZ0djYanscj5Ji7ESanplc0X7pya1YOrCi%2Bwsh5ajAo5k%2BhClPX7WsGZ3WUE2FH3X436zhO3Od5PGVbn5kNmXTssw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec697897b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
172.67.169.207 1.1 kB URL js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
IP 172.67.169.207:0
File type ASCII text, with very long lines (2612), with no line terminators
Hash 0dba333948dfafc2c7425b4aadf8185d
9cd6d970a6bd52e0e8e54f8ad0e80ab13da7fc13
aa5200ce8a6b9c60f852ae45a468b47860a65f0b53e2824ef63c71db9157cef2
GET /ps/pl.js?edg=true&fullscreen=true HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 12 May 2023 07:24:41 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qGiNdYVFscLT%2BwxdVfVmDzzbpOfLKR3Tira4gyWOiyc7CmXULiVwhCUP%2BojcX%2B4Zk%2FvmYR4nTs2Et27LJ0Ph1upJYczYJq640gD92zuuq%2BYtbYNS2DMouLLoMYEyveRc25P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec69dd93b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 89df013e8608d07679738c5bed6b85f6
49951a3cf8def7832e44ef5d8448ccea2f9c0391
2680bd8acd47863cffaafb8d8c7384abe08358ce137bdb2e4fcf9ab61840f7e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 May 2023 07:24:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&appspot=
172.67.169.207 15 kB URL js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&appspot=
IP 172.67.169.207:0
File type Unicode text, UTF-8 text, with very long lines (23360), with no line terminators
Hash 150e8f8e8810e8beb315230ff44c8392
228109122609ef203ef8453e8066b15ed5344160
01ffd75e0e7b095e41d3ece71a002bfbb95115d8e9642289dce1587f9645d94c
GET /ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&appspot= HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: __psu=32d87645-74f4-45b8-af65-59b874d89c39; expires=Mon, 12 May 2025 07:24:42 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peY3lnElEAMBg73LBp%2FKfQ7J8uHVW8tKguFpnDpTCd%2FykqOa%2Fx%2Fw%2Fw01tE%2FwgeVxSZ3bgcNG%2BwWBxmcsiIoJxRYDsbF%2Bg66lE1at9QPSwV8ZnddcHRM%2FneBvA6wqgVP8T8Oe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6adfe9fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-1.jpg
104.21.7.3 14 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/rec-1.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hyp3g75XJpMGmjLpQAILKXp03QQo38pqkkhbRxxrzSQKt4G6KQoq7Px%2F%2Bo701pBHHMqgS24WWif0jEW2uV6ouqtddoswG8Gm6JJJD41ogEDAb9WCBufEqiwqnf5JKFskNfGhIgCVnywGH5s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d8e58b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-3.jpg
104.21.7.3 15 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpD9TclXJvw43X2xdPKAOJYZOY4UaF%2Bxr9SQYfODnwadrQBpzhi0wywoLJ%2BeXwCGGKCzTae9ISVyJLNLw%2BQz3p8qydm0OYDtkZbXH3xKF0Ckq80ttl8A0KOaEmQgWr02aLsR5z1YCFSK%2BMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d8e5eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-5.jpg
104.21.7.3 13 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryH1jOQObYmwdyp23xEqIGy7h2214m3dlbvdINbfL2mwlovnYcpghDkXTB3AAit44UFXLhm80CeSCwj1HIGIvus5fJQ0mCdOCla%2F9VCe%2BAkbagJY9EH4PrtXak5KDwp%2BGLfaoeUYvZBsa2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d8e65b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 89df013e8608d07679738c5bed6b85f6
49951a3cf8def7832e44ef5d8448ccea2f9c0391
2680bd8acd47863cffaafb8d8c7384abe08358ce137bdb2e4fcf9ab61840f7e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 May 2023 07:24:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
qwfuu.crystalcrafter.top/ph-new/assets/rec-6.jpg
104.21.7.3 16 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773
GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRAMwGplhmOCOnvvl066WIG2STjIuXB5X9n9lxe47dEshDnOg8bKAww8r1aKAgYztkPX4aLNMt%2B6z0dtcaoih2vzZkl9a3kyOvbYhI1IXHYO43abXxMuKV%2BNNwObQphkJTnqFVvW92gJLxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d8e66b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-8.jpg
104.21.7.3 13 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2837
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ed7m%2F%2FX0yzs%2Befs7rpi%2FvqVgJgnNCjSuvxbAXd39yjFNgg63riLKSZNkt5VWnDlQ0XK3DYJLAS3cuC7VdVSlpDDJ9lbEZ3GJk5V79B7tgWTjXkp6zj8Gk18DozJ8FZXRw4cj9%2FIuO1QjFhM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d9e6eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-2.jpg
104.21.7.3 11 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74%2FgN8%2FS3vE%2FOkLjR%2BviewUFlBQz7mbnFXeJ4R9OaEw9Wb11Jv%2B6U44rX4%2F4Si%2BPHjpY%2FjjRLuWFZLyceeCLSztKQN9L0ihZPcQGKmb%2Br%2BlbZgtptEYgaXzdfayAns1Ec507Gn33N2MYOKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d8e5ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/1.jpg
104.21.7.3 14 kB URL qwfuu.crystalcrafter.top/ph-new/assets/1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/1.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2837
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aX92WHbeLp%2Ftj4Yfay%2Fi%2FzQqGBADztXZScSsr2PEXpLiBHpDrhaGmpVmj%2BtOrBmFMTz%2BQIKVgfQA5V8z6aThCEpmg5V9rzEcEze3PHtdSXxiUViYEGeYlUOhHhArG%2FnnMUVTr299C9PepSY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d9e6fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-4.jpg
104.21.7.3 8.9 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483
GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2837
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwSpCre8JV8E0M%2FJvmPte5f97N8vr35HkSBr5JF3AdBHycsurUXflAQqlu19%2BkjdF%2FJWfupKCftPAn3oe74dtNBAs2psc%2BJzTfcafy86vHtDUiAGN6HVkZL408EoZYcu2tUxd%2BFdXFZRRn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d8e61b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/5.jpg
104.21.7.3 12 kB URL qwfuu.crystalcrafter.top/ph-new/assets/5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1
GET /ph-new/assets/5.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5Pez%2B%2FrmeF1Ch3QWiA4SlpZA3%2FxW6xGG%2BlLzoZ%2FbY%2FOfUprEeeHIpprzXW5xP25bj0BQOGvBnozznIZfxx6IyVCkb9cM%2B7ji%2BwkijeWYQu3a%2BvA2gxra7VQxW8g5%2BVmxyING816nnHUgik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d9e7ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/4.jpg
104.21.7.3 14 kB URL qwfuu.crystalcrafter.top/ph-new/assets/4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd
GET /ph-new/assets/4.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyxVEjKhP4J6Nd0%2Br5uJ67xhJVS3zsHtlAIUmfozo%2BsDxuF9vD99SfKDFiEHOBa2cKfdzSGHx0GZj%2BSBNuRRQpU8dwP%2FSrNIMQ2MaN%2FsahKKrr202QHTHrsfxFbSjsU4t9TtEEaa23Be%2FAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d9e7cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/3.jpg
104.21.7.3 11 kB URL qwfuu.crystalcrafter.top/ph-new/assets/3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a
GET /ph-new/assets/3.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6b3YZgHzNU1U71F%2FxCxgtzka1uGNT93utcLSih0vG7Yr9iIPZp0Zd%2FcJJCVuRZcaHgQH3WX8WIqxcgh9M08rAe%2FrAl%2Feedzl1Z0MnZ%2B3mdpY23bY65%2FC21qdBAp5JgIstixuuqOuC%2FSGuw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d9e76b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/2.jpg
104.21.7.3 21 kB URL qwfuu.crystalcrafter.top/ph-new/assets/2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash c3f3eb5d00c73ac19828309a4cde4e96
be66f4e10a00d90a0f8fdc0a5a4dbd19c143d97d
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763
GET /ph-new/assets/2.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 21253
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-5305"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2837
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysA6TQ%2BlMfGrLwXm5u5u0HuJ2%2BoPPYmZrI9KsgduS%2F5jqAEK0RgmSLq76mhOtPYtJNX1fY1FWtmX8ATD44no5XdW8A%2FUJdtUq9OxaKpNrOjLlLb%2FtZz8PWR%2B4po1NypFocgCJdf5PPBI5ow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d9e77b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/assets/rec-7.jpg
104.21.7.3 14 kB URL qwfuu.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2837
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJPGaE1Ffaf1wy55zkcj51TMM8fNH%2FjAdZU0pQQ4GZ4MW3haz0lDwvSW2xSSpOy7p9vRDSm3vkT61Z0350Ddk8ymt%2FNAL2aPzri126K%2FxhW6Fln1AckzkBsrzdjCynEOyxtF0bl6ZECMlRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec6d9e6bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.99 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 11:22:42 GMT
expires: Sun, 05 May 2024 11:22:42 GMT
cache-control: public, max-age=31536000
age: 504120
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.crystalcrafter.top/ph-new/assets/thumb-big.jpg
104.21.7.3 83 kB URL a.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Hash cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BklVyjqNnyQzwzQLyDYVS0cmCeSquwew5vyISCb0fwht6jSH2yi8AOWkVikfeHWlgZIdi0e986pmJXsUzTaJKL8jArx%2BEBnlxAHUaaa2ojQgTCiux9I7%2FN4QAQMWchH%2FiuOuuec%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec706a4eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/favicon.ico
104.21.7.3 0 B URL a.crystalcrafter.top/favicon.ico
IP 104.21.7.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 12 May 2023 07:24:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJbMSPeMuTYBBWdbXJhoo44N5EhUX1vFCInoDVO71UZMxl4r6rmPsK25RPDspLVq%2B2wGkia5yZew7ymNFJpban9m%2B46lJ1t70uwKVmKGWX%2FwHdCUGDrpIxJoD3QUmXAc4PSxlv%2BA0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec71bc16b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/trls.js
104.21.7.3 19 kB URL a.crystalcrafter.top/ph-new/assets/trls.js
IP 104.21.7.3:0
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 2d452480e0a1246e5ed7e13278b99eee
dc1115b9c20884a07335bdf5abea5c399f5293d6
19b0897b045b6f67abdae0b9f6ca5987202456aa0d7bfc3b17128e94d2cf761d
GET /ph-new/assets/trls.js HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1e3f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2639
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJ20t18JW1q2p%2B3lHdfEVVKLP1ZPqWN0KM%2BhcJET7qLbZ0xEBJCsS2VIaeYNXSFQrZuKpOx03jtaAko8auNqDMsmsig%2FQwYJSB2vmUpS6A4XUsw%2BbTUMnoZ8tkQyaPbtZkJ9ar%2FKng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec705a47b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.99 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 11:22:42 GMT
expires: Sun, 05 May 2024 11:22:42 GMT
cache-control: public, max-age=31536000
age: 504121
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.crystalcrafter.top/ph-new/assets/rec-1.jpg
104.21.7.3 14 kB URL a.crystalcrafter.top/ph-new/assets/rec-1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/rec-1.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEGMv340MNMxvoC%2FiUs%2B4wZgKOz5hi7gAsxq0q56QPQiEfMC4QRmEMne5eIjzZ%2F9fTadLh79qGUSXHEeuyXihciqsZWZiC%2BUVl42z5ewK450cYTHUXu9f2NV9f3Xd0cIZxwqXtVYEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec740f33b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/rec-3.jpg
104.21.7.3 15 kB URL a.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZJP9uI9dgpSKrxneJRRVvOWwvxhZDi6VRrRg62MAoR1nnTDU6bRqOx%2B0pE5OVraM9gRA%2BSkx2lAieHVi3b%2FCGQb%2FJeXJ4WZRe5MqUPAC0Jlm9rXttsjGD%2FbjbLtZ40OHf8U7PyUuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec741f57b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/rec-4.jpg
104.21.7.3 8.9 kB URL a.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483
GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQh1j3AUQia6GxNZ%2B3%2F1%2FpNqExgf3NbUsNOEpqPaACA0F961TnJ%2FbkBDvWNjFOQTlRJUJcxhVeNx1yaGpZhMo31SNlwinYdw67vMpJp2OybHzBm7YTEwGhNYllC0R%2F94GPCdx9Ywnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec742f5bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/rec-2.jpg
104.21.7.3 11 kB URL a.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNcm7wBpSBmdbm%2Bk6namBVn%2FakU97kAy9YFmpjOjMzn%2FfcnBZbThlesOTyv%2FkA5kROgOxb7mG%2F91X2L1xOAHYGRw73HXhwlGtkzv13ZKAFs78CiCHsO%2FUBEv8q1rV3SMvZ7snTjjDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec741f54b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/rec-6.jpg
104.21.7.3 16 kB URL a.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773
GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Hm66jGADxdnamKHTlcC5jkSADhyp%2F5ouEVGI5rVBbZoXwUNIfTnDkvDnC3rgCi99uoknQf6HtlpwLp%2BrKpZD40TwHG4QO%2BD59iA420vYA1GClVj%2Fc77BieBto29oH2zzgK8vLBoEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec742f6bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/rec-7.jpg
104.21.7.3 14 kB URL a.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRQ%2Bpc4vQyyk%2F7NTS98n6JCWezPe1quvfX1BD1%2BB8Ej27CgzXHMgMF%2BjkgY3YZSetT6C4kzmC0CQ3QfKom5sf%2BGHWz5QSb4yMcah88GXwDBQM2JbEwLzG1rCvgEMwPqlD5Jq86%2Fw7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec742f6db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/rec-5.jpg
104.21.7.3 13 kB URL a.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7dcG4Qf%2FMoQKJRLceaxbVN7PgVAG%2B2kU8WSo5NQ4IQXibSoHCfBHId97A%2Fu30GtZ5tDjHn%2BOvPazswVqUEtD5XNzRkpjjk%2BurEYTQQAygL2SJ95NI49BRsmLIaH136HZ8ulIS4y%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec742f60b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/rec-8.jpg
104.21.7.3 13 kB URL a.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njNOvPZNynowwuXDn5h2Z7gkzmx%2BgPM2WvEmOfcbz0Wcy8ey0uhNiqy79gpola7TN4Il4zGohTrSz8CaGJfwtWHycPZq8wjRrB%2BlD%2BoXjh2rlHLp4fRP4OI43csEAmmGijvewtCw%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec743f95b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/3.jpg
104.21.7.3 11 kB URL a.crystalcrafter.top/ph-new/assets/3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a
GET /ph-new/assets/3.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6S8xB%2Fb8DGYKr2TsVJYO4GK5%2FVrEwyJQbjiExdXFjcwRyvVkJkwS8cRuR470omE18rscsRgxDXQ4DYjErKV5dMa8LbTjr3P3awHKitCz8KIcm2p2o7kIU2l0eU7T81iACN%2F0IYjZXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec744f9ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
104.21.7.3 37 kB URL qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581 HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:41 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caYpnECKSW5LNCJI1tJWQ81%2BYcBEvLjvBtgF%2FDtCcGUuxwg%2FW711GuCXLG4iPHG4ht8ZYqCFjecd6lVrPRyoUqsSSAmXBV3v6zUBtzEGRwzGuVjeekNN%2BqMhz9hSSEdUHWiOo7XROQ1j5%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c60ec697896b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/1.jpg
104.21.7.3 14 kB URL a.crystalcrafter.top/ph-new/assets/1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/1.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gR1mXcTKHl9v%2FjYfZMTXDZVMkCOu4Ph0zf1spav8iTZQu0L5FZ4vwZfOSuGHMpsRZLY4A72cmwJKlt%2FdLOYk3YMrqwA3%2FXKAWSrDqJw9aX82FTCdGFdG2CwBBGHM1DAiF872RCLMrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec744f9eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/5.jpg
104.21.7.3 12 kB URL a.crystalcrafter.top/ph-new/assets/5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1
GET /ph-new/assets/5.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3ws8xDdpmVngUyg1BO3e2AbA%2FnWHL2w%2FAIsxABDcOG0hbdggNmu%2FI7RWVH5EOzLhb5XjkkUOncdrp1AiQ4suSqg75so61Vw%2BogaI%2F6WQGonV71CSG0KNTna0ecu6LUwofTrY%2F%2FRng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec746fdbb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/ph-new/assets/4.jpg
104.21.7.3 14 kB URL a.crystalcrafter.top/ph-new/assets/4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd
GET /ph-new/assets/4.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sSAvev1pK%2Fdj2qL0f5YqYr6VHRrWLTj8W4Yz%2FfHCmV%2BqqkZti6v3j3q1n6Pazm3VSqovVOWZLi1kYvqy7GWQFWYZLLxcxedmIhV14H0LJwedkK9Wr5jgWk482wb3itgb%2FLLzdmXKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec746fdcb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/thumb-big.jpg
104.21.7.3 83 kB URL b.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Hash cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nE8%2F%2BVZgNf8CRWEgb9AN7ZIrDW7CZwzeISQm473%2BGby7ryP3wlUGlogI6Z7qi%2FZorW%2FSoKRKcte8FAMNT30HyxmvKIi0HD6Kz0g9RaEwAGlnzw59Y%2FJEz4qpye0cEr0v7fZxxmUZpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec763a2ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/favicon.ico
104.21.7.3 0 B URL b.crystalcrafter.top/favicon.ico
IP 104.21.7.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 12 May 2023 07:24:44 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTGOW7WIEUJKmePNwJPCfHImy%2BwpAjBJdVuUFTBYFOTS%2F%2BcwfqM72BMQjx06bS1BsjTD4aPZFIVtfjwI%2FqKWIQckYgtL6oIqAj0XuDrDheGQxR%2FhOU%2Br5Q99yNF%2BcTZMAvmCduUP5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec778b8eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
142.250.74.99 6.8 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (21158)
Hash e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 11:30:56 GMT
expires: Sun, 05 May 2024 11:30:56 GMT
cache-control: public, max-age=31536000
age: 503628
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.99 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 11:22:42 GMT
expires: Sun, 05 May 2024 11:22:42 GMT
cache-control: public, max-age=31536000
age: 504122
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.crystalcrafter.top/ph-new/assets/style.css
104.21.7.3 27 kB URL a.crystalcrafter.top/ph-new/assets/style.css
IP 104.21.7.3:0
File type ASCII text, with CRLF line terminators
Hash 807d696b86114245f8eda3dce43f61ff
6d65ffaf8ec2107db8f1d29c410f152a8b809a56
7524af6d5f36df3e5d5c8148bc63e3956de050fa262fc0589e2a58dc606977bc
GET /ph-new/assets/style.css HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:42 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-5f33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2613
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6xOFWcTULyGLbNSe8rzVX8aBRNAoYNdaCOFi6Ib1M2OGLJPOXCVsq2drjRP8ZdQonzTboChYfc1IZa6sJrExHzv88uZXnpgsPtBTs5rgog5MZpKAYe6sE9Txl9wq1TXVBxa25Vxyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec706a49b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/rec-2.jpg
104.21.7.3 11 kB URL b.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6842
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1bV0AkuGWsAkQ83KQhIR%2BA%2Br5T1IYj94e5QSZTdklzuv%2B%2FsjsOQtpO1Qls5ZGHjztuycpBs0WYk3UUQFH4fxuQeD7mE%2BLeKwBzdGDxYvqRgeYqxYxkd32fcu2HvfNBu9X9I7aoC%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec79ce68b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/rec-3.jpg
104.21.7.3 15 kB URL b.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6842
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UDZVCHOlNcrIApEW9rBys9FK%2B1R6rhukdQzw2SAx638u5w%2B69WUn2FNHPIotl%2Fru60SU51gABs1kAHpTOSl0uR1p%2BbDMO%2Fanp1xuMXhooSwKB0sJ8o1eUvKS4xLTeUFLXru4TDDSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec79ee7ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
104.21.7.3 25 kB URL b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581 HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cB3DyicwlloBjkd%2FbH5NwPpwMbuvH1pVCKgZpxTu3jcb384vbyPHAdy6UcZEZrKf2Aq3AmORaOnfFeg14wG73GKud3Q31SHFa9hbpKnjudOqiMyCw7jITKnpLGUSnBk2rE2WGpi%2BAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c60ec763a2eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/rec-7.jpg
104.21.7.3 14 kB URL b.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5701
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZEe%2FQ1b7yv8hmHJLFBtpRmL97Mu%2BaF86BRizUGVLDXlsN8O%2FIoNIZg0a%2F04RYXRVN%2FHIYSRlHpANmfEyCXvc2nMlhKK7GEoowjZ%2BePmUaEXVWIVS1acvIcixxnNHlCq484olTszdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec79ee82b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/1.jpg
104.21.7.3 14 kB URL b.crystalcrafter.top/ph-new/assets/1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/1.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5701
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqYG1VT%2FQsSYDdLXcX5F%2B4Ke3mSZ4%2FzKUqh2ekO5LpjjRxds2%2Bzw0Qe7izWP2AEJH4ImRtP11LaBGKWKk3hBzz0vA8ueqyx1ocNWklXV4J5PvktG2DdL9pV%2BTzjBOH4NqQS%2FLcVQVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec79ee86b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/rec-5.jpg
104.21.7.3 13 kB URL b.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6842
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCXOyz%2BznoINgYUIQuND4euQx00bTf8VupiusW2Yk%2B4JnNm8rvYdwnth2QZ%2BCUO5QUcHc3fACmt6Iyf2QNgyhf5RoUHyFsT5XYyiK189FJ6IQmqCN4%2FxTeCaRLQ9tsKU8OYQysfoGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec79ee7cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/style.css
104.21.7.3 20 kB URL b.crystalcrafter.top/ph-new/assets/style.css
IP 104.21.7.3:0
File type ASCII text, with CRLF line terminators
Hash 807d696b86114245f8eda3dce43f61ff
6d65ffaf8ec2107db8f1d29c410f152a8b809a56
7524af6d5f36df3e5d5c8148bc63e3956de050fa262fc0589e2a58dc606977bc
GET /ph-new/assets/style.css HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-5f33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7UQgIexhEbnJh%2BZ3gHV5tF5omKP7ZVFab7Bh%2BRf8Ga6xHVWNNFKp4ybLrG4k%2Brx3l0IeByzYe2LQVDlYx%2Few0pKosWh2Yk69Zb9KSSRtoomyzfY%2Fc5rQYF30P%2BT2ALvnobv6W1Ixw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec763a27b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/rec-8.jpg
104.21.7.3 13 kB URL b.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGkINQARaU3BDbvJRkevJKolof%2FMhIiq0Mz5%2B27MDT2w78YH%2BG2106kBcu%2FPFPlm0Yj8p3zfmfn6POGUNimdx2nfpJHNVqs6PmfU6trsEJHVYIa4lPjVZG%2BA2N7wEy6KaXGWl%2B47Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec79ee83b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
172.67.169.207 22 kB URL js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
IP 172.67.169.207:0
File type ASCII text, with very long lines (2612), with no line terminators
Hash 0dba333948dfafc2c7425b4aadf8185d
9cd6d970a6bd52e0e8e54f8ad0e80ab13da7fc13
aa5200ce8a6b9c60f852ae45a468b47860a65f0b53e2824ef63c71db9157cef2
GET /ps/pl.js?edg=true&fullscreen=true HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Cookie: __psu=32d87645-74f4-45b8-af65-59b874d89c39
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWitp7Skg0uHQ2VVHA%2Ffhev8LktEJhH0kFvncxUQdFBK8zDr%2FmfAfmq2RBbDHdS8%2BhWMYRYBFy5DKh%2Fvlitz9GSRIVRWmlHyCo50MotGn%2F7uYQZpVf7Um2ir6VVN%2Fm2n1c8%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec766f9dfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/3.jpg
104.21.7.3 11 kB URL b.crystalcrafter.top/ph-new/assets/3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a
GET /ph-new/assets/3.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5701
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUqmmI0PVNEaWpdJfYOdC3lDudixryZjfrxaUTvD9w%2BmjPpdDYDi036cggrauY0q5a%2BbBGq4%2Bov6sowF5S5yKe2FnGfSo0YxZ%2Ftoc1jTscWdm05jtNqI1l05VRssF7BdUyDbkJ8LCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7a1ec5b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/5.jpg
104.21.7.3 12 kB URL b.crystalcrafter.top/ph-new/assets/5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1
GET /ph-new/assets/5.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5701
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVXoLB57fDbw9u2zW1KX%2Bcenjg%2FlRTS3ITI2CkBh%2BPkncezaJwDZv3wRg6anH2CwL1onYRqBzZQkbPfMuoi1HuwNeJZv2eq4qaWl%2ByjN7JAovkfSCMjh1hxaoxaw8nz0qn268ksUaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7a1eddb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/assets/4.jpg
104.21.7.3 14 kB URL b.crystalcrafter.top/ph-new/assets/4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd
GET /ph-new/assets/4.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uu99uVFjI17u5aeuqPIlflSJ4wt5GfgUSnq%2B7Xl3uOt5z9JTbcbz5sh3nDz70Ih9PeLWCx66A1XrQa39gr%2BYjKvkUkKq2UnPfuUoJKCFEDH7dfhtIqbZwN8G%2FJfLgj4b1DkRCdO8fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7a1edcb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
104.21.7.3 98 kB URL b.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581 HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:43 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1NnYh7u1jtmSRJRRUD3vU4KfjxIyHEbNwdvVX7E3z92ebdxV3Q5qG62g%2Bl47Sz%2BGbr6wPpcTiiwngdJZdyBgtRVaVHsdAL3PgRYaSz6GgtoTpxCOQrhW%2BObUz4bIDk1HiWEDpwFeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c60ec751890b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/favicon.ico
104.21.7.3 0 B URL c.crystalcrafter.top/favicon.ico
IP 104.21.7.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 12 May 2023 07:24:44 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBRWrW28JT0Rw1JbwuO92RLlpBesNFcyoa0463wp2CyZqChnBprz6ArHc9F781Chx5K8XGmDr9%2FaQ1wgs9RkreTbbO82C1088HJx39QdBjoqlNIHM2wYJ8%2FC35%2BgoG08CUHqIwR39Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7bf915b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
142.250.74.99 6.8 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (21158)
Hash e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 11:30:56 GMT
expires: Sun, 05 May 2024 11:30:56 GMT
cache-control: public, max-age=31536000
age: 503628
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.99 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 11:22:42 GMT
expires: Sun, 05 May 2024 11:22:42 GMT
cache-control: public, max-age=31536000
age: 504122
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c.crystalcrafter.top/ph-new/assets/rec-2.jpg
104.21.7.3 11 kB URL c.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qbu0L8fsjm61leZEDKzX%2Fpdu98rJIbhDKxDPZQ3AQH655SAfEjEIdUtKHBXJz1og%2BlWbuXGGhXtRoTtTwHfzn2eMLejCXqomYixI7GniZ%2FPVwk7Wkx%2FyejrZI7mk8ywrtA%2FnMKhJLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e4be2b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/rec-1.jpg
104.21.7.3 14 kB URL c.crystalcrafter.top/ph-new/assets/rec-1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/rec-1.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASpGbP65hKlMenoKDFeWUpMYi6WL5xpLyvqNi5uNFbB%2FVrZ1JNVs7KnBvi74LSZ8WmFUd%2FzO%2BgwsZ%2FgYgdXoGfaZG%2F5cnjEuSntFm%2BxVPEsfJqCPghv9W%2B%2F%2BTo8Pq3UFd76YTbIRkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e4be4b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/rec-4.jpg
104.21.7.3 8.9 kB URL c.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483
GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCTsmQZrn6Aw9OgPT5WEtsLO%2Bf%2BfNgaNdvtfqExJ2WRWTbs8fcOFRhPIgP1Qmd2naIB0gVpNIrZ1pPROhoAVnZCt2echzTUrQL15xjnyW0ibCDtJBvMYC2YYrTEGy6iGd6%2BMYJdGvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e5bedb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/rec-3.jpg
104.21.7.3 15 kB URL c.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCE9C9s2C915pNT5wuPHQpWMZLphmXKlnjnWWy1ELGnHC1iZsDWoPm9b5U6tVaEhyk9qXaQkQ2ZZSKZNqaA3mfquVlCm0tFRFGXljZs%2BTwQ7uE1h6ckF3%2FHZGXRINHZM%2BA9EgWLP0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e4be6b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/rec-5.jpg
104.21.7.3 13 kB URL c.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hu2t9%2FpiviRnPbnqxkMmDQkb5nZzSnyP7IUeQQHv5QTDtsqXCNPagA29PflbrcLpkCDDR4PRYNJCumxR8cJhR4%2BLxSkBMFMaU5MDbbwt3nDu2tdLj0b6zfVSr77WC6FWchZJeCRBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e5bf3b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/rec-6.jpg
104.21.7.3 16 kB URL c.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773
GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy6GMs6Lof%2Bh%2BTYfNYiviXYRmtcoiDmx34%2FthrW8lBcWNNVP50gPoK2t7k05%2Fq66MZfMuiooHjVUKVS0gHiRBVZVVHsU1Hr5aCuXm9E6PCNNn2WNK744BzgmRSZwkje2cZBt5FcXsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e6c02b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/rec-7.jpg
104.21.7.3 14 kB URL c.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcLkqsJfJKI0ws75%2BMn5JpUUFPPGBYVl0TzMcU7eiEJXfYK5lVQvGBVP6y5%2FjWNFTqD3MWdnM%2Ffa1evX1rYH4%2FFAFAMDZsUJLRgG1YHQmsix19gL9bu9%2Bc1barv9j6fh%2BCn1U%2FpRZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e6c12b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/1.jpg
104.21.7.3 14 kB URL c.crystalcrafter.top/ph-new/assets/1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/1.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2521
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wK2%2FEWM9%2Bp8UEnZjZ4DMR8kDteAcSkIAfEOy4CN0iQGWr4shmbebJD7BQYFcFDTBLtCbCTqRsWZzmDTaSFahLykA7xDMAjxPeFytDA79cyXoBWt9FbPpJSiDZLrJmb6fnS%2BI3Pk0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e6c10b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/2.jpg
104.21.7.3 21 kB URL c.crystalcrafter.top/ph-new/assets/2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash c3f3eb5d00c73ac19828309a4cde4e96
be66f4e10a00d90a0f8fdc0a5a4dbd19c143d97d
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763
GET /ph-new/assets/2.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 21253
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-5305"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2521
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DatT9c4bDW8rOBOIgTFVFrL7mlm6epm%2FmeY50qCW2PKqCVZv55pT%2FHTkzSVzuEKwMhnQEKjp%2Bau2PjZd%2FXrJEjXRKXTrA1LcPbqYcOyHRWHDNzBpIgmx6FLE42fuSLrhdo4cM2VEXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e6c13b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/rec-8.jpg
104.21.7.3 13 kB URL c.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgKRxGEjz8k6rveCc7jLonhJ28yqWIkZgmHThcE8fXVaiVAyM4G3qMolrHVz71bj8CSdysUxfZSbCyPELCi4IdVktHSPRr4OHt4YROdMnOWR7ahI5wnN25tOXzDQBofDyhh%2Bv8SG%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e6c0eb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/3.jpg
104.21.7.3 11 kB URL c.crystalcrafter.top/ph-new/assets/3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a
GET /ph-new/assets/3.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2521
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2F2HTq%2BLafO35DL2A6N383eg75cJtZ2BVC69ToeARVYIsZ1YLSSs6fqmIQg2EfBg52Jps2nRrkPq8%2B0J0Ytoc3s4SXydecgfXIjMj49nwSbSUx0ZyE6iTjqvR58nBauACOJRmvnkpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e7c1ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/5.jpg
104.21.7.3 12 kB URL c.crystalcrafter.top/ph-new/assets/5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1
GET /ph-new/assets/5.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2521
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8Z7u5XJkqW4MkE872sFUbB86WjbyU8PkJeUnMdsULHVpuwITxLZIIn9JzI%2B%2By2ZdKczSBw%2Flv5G0GoMKMQMKM4a7LsyZ475NcGBxe0PAsko%2Fabg98BHfGhDPXIA%2FkZ7Ci3eEr423g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e9c32b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/ph-new/assets/4.jpg
104.21.7.3 14 kB URL c.crystalcrafter.top/ph-new/assets/4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd
GET /ph-new/assets/4.jpg HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:45 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2521
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKGrpaX7QPxoXnYQWxHaqQJSimrlJU%2FCAmOVP8ERJnHXP2xzRhQkCQFJINRfcM0JOplK2EPWP2ML0SUki8HEPZxSNdNmIgl65i6eh8obchd1igyJA1mPBrO5d04SUx3Ow%2FwfNISs9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7e9c31b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/thumb-big.jpg
104.21.7.3 83 kB URL d.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Hash cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dew%2BS6Rxmbw9bQsEM3rO3md36TKb1nHGBbiBIqVXzJbApjOkvH7Sy9rj%2FegBDjzcYJwCkS0gkAoE8uDcb5OZioEOfPX2sByV2snoiXeLQlOh2RfX%2B7gLBt%2FQcIl3UPThtYuZ%2BhBlRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec85dcbab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
feed.streampsh.top/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
172.67.169.207 226 B URL feed.streampsh.top/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
IP 172.67.169.207:0
File type ASCII text, with CRLF line terminators
Hash 94d0d575f775178a35588e080cfceef5
5dc7578ef1009f4435b49e8ec2020da3c8bea73d
39ab43d2c92eea10c3f21f346f4a137987f99da1efd496ddd3f132d166244e3d
GET /ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA HTTP/1.1
Host: feed.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Cookie: __psu=ff8e320d-7039-4448-bb0a-dafb54f713f3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:44 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mxgtpip97l09xpRdH2bw4Yj41%2BqjvG9PfFioSMofjxPiqOq72xXXwwyOjPm4AA6gx%2FYATLDZzt0QWC91%2FLXycEk5u1mQ098QtHlURkdQvx2PzE9klaEIuFWyKi%2Ffgp%2ByOa3fJ1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec7c2b8cfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
104.21.7.3 23 kB URL d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bknRcxYDvpW1dUSwI8MMNMr5VdgPv0EzLONVyM69Cw9WJlkjE1AK5o%2B2uQab%2Fef1sxmsi1Lu24JfKsloLVSqbUGrYDRvszzRZtPxMIUdCHwsr%2FXiQ%2FsghiRjkl5FUh3gVeWROlGlGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c60ec85dcbfb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
feed.streampsh.top/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
172.67.169.207 11 kB URL feed.streampsh.top/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
IP 172.67.169.207:0
File type ASCII text, with CRLF line terminators
Hash 94d0d575f775178a35588e080cfceef5
5dc7578ef1009f4435b49e8ec2020da3c8bea73d
39ab43d2c92eea10c3f21f346f4a137987f99da1efd496ddd3f132d166244e3d
GET /ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA HTTP/1.1
Host: feed.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Cookie: __psu=ff8e320d-7039-4448-bb0a-dafb54f713f3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vscOSY584dpD2k4xaTr1Bf7UzA8MvMbwqxKVAPsEfQtAFiUVQXECGwrEFpeT2ex8k1s8E95V5WeZ7gs5U61epaFKx7WW5E81J9dJVKq8EZx9%2BfVaR0fVaFnMWsacMYI5YKafuBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec876c5dfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
104.21.7.3 20 kB URL d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwUW3sGlZH%2BLN5M0E5XzBcId112DdGwHjNtBpnLLw1TjjiKUm%2BOCXw3IdN0%2BYMCfo3kkWkvDhHLanYVwO7HQxQREQcVllSVUHdf3MvE0BpTEpOoyujuWz47EmQ4xbrSh6C583LBcew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c60ec84db90b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-1.jpg
104.21.7.3 14 kB URL d.crystalcrafter.top/ph-new/assets/rec-1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/rec-1.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1XVFdznUao1yu8ucKlUNm9TYy2a4EeogUB1%2Bi6szYms2UKasJfBE80Rhl6IkHvvHoEW8c7J56ymplarW1SmeyS3O1tbkcwhbePspWxaqpHbPsEZi2IgtC1m310%2Bu8BwrLhjgfjE2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89891ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-2.jpg
104.21.7.3 11 kB URL d.crystalcrafter.top/ph-new/assets/rec-2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash dbe1dba764a2ef20cf6760ad30539988
e14dca406d4f5932a9a4683635bbdf87def79eba
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7
GET /ph-new/assets/rec-2.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: image/jpeg
content-length: 10890
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2a8a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unmUoSoFu6Nvgfto%2B9eH5YUFRNfmCIO40DfxCnKyqJF32wnRer3sCHh9%2FxVf%2BzvfK4el%2BWBvrAS0jnnxRhr0XDd%2BbKf6lCoVTydFqIuS1lS2L9RcoVFzVwK7bgRCN6loycUANVb09g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec899943b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-3.jpg
104.21.7.3 15 kB URL d.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996
GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p23Z8Bl7lEzFveFImbxdmlnsPy8zcVWGJeHAX8hvIJAmctTgVWE%2B%2Bg4pU59LjtoG2leYZWUi2FOdq7IYh9Kwhip2mADDtJk9S4SuMN2rzhQ8z8d4XcRgJci8spMcNVU9l829PKRFjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89a952b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-4.jpg
104.21.7.3 8.9 kB URL d.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483
GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5032
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItjRgGl5EUy0%2B26UEf%2FnMgQVK7nm7DnH30tvh2OaeP9ule%2BTUCK4VjP0lWtRRv8bH%2B%2FxXmSsgueQZrItUSceenq4iLpwGOAmZD1zm9prDcdpmPNvGFPnzUAbDpdc%2FZ7Jyo%2FjUaJNjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89a953b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-7.jpg
104.21.7.3 14 kB URL d.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc
GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:47 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmYvleH7ueW4bbW06YpOcRgQ41KHmebpFsWxeel2b646gLVi%2FQUWw1yvMqeuf1YLazeae7HShhm%2F6%2FwPI3drtX%2F977UweKpFyxVEvjjPQcD%2BFDe1Qe%2BA3KEUsjpm88g2wBfUGckBOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89b964b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/2.jpg
104.21.7.3 21 kB URL d.crystalcrafter.top/ph-new/assets/2.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash c3f3eb5d00c73ac19828309a4cde4e96
be66f4e10a00d90a0f8fdc0a5a4dbd19c143d97d
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763
GET /ph-new/assets/2.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:47 GMT
content-type: image/jpeg
content-length: 21253
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-5305"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkU%2FSDK0J3fVsFYT2PyxGu7ujsp%2BzV7VdOf47rnEqDK7JcUzngxk8vHmXye9DTT2C3qiNwi1i333WePHFv63N%2BrpuJo4v2HKznd48tHqzQQErF217R%2FNBZ49QaTdsoCNRlrsBMnOjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89b96fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-5.jpg
104.21.7.3 13 kB URL d.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02
GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:47 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TNS8MOHoPEJ0oks%2BgfRlS23n5Ts8FiJt6iFW2tDViGP0ronwNxUtEzrFAwFSowE%2BkrQzrkbdJz2y0GD0WXPhjzPubM5THVBYAL%2F5cfXXjPZeJ%2FFHEDEFyo4EADZZDpWv4KRJH89QA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89b965b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-8.jpg
104.21.7.3 13 kB URL d.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940
GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:47 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WGCeBEbGSgY3aODClVq0aOlnvxxiQyIEf8yxQZp%2Fe41ySBjGY6gH81gXnjAx%2FMHhIZqvWJSAAnEnKuz0rc2lluL1LFgFOqkyC6zihO6n%2BW8axtQyOsg9L8okWjYQFSskzADYO9VwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89b968b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/3.jpg
104.21.7.3 11 kB URL d.crystalcrafter.top/ph-new/assets/3.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a
GET /ph-new/assets/3.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:47 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0ILZZ9BybMTotslMBCSpPe70Sf8628FxbjxPwqEdTXbuamqXBiZGTnt8ZiUwHLNF3JOBHBafa9dAdJG7xid%2B87ofiBj0oZQ8tzDY%2BxthBkcKaJdNFyisRCWMkRQiiZ%2F%2BQZ8Q0GWXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89c976b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/1.jpg
104.21.7.3 14 kB URL d.crystalcrafter.top/ph-new/assets/1.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47
GET /ph-new/assets/1.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:47 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZJJ%2FU0Naz80Xe1iFOeYVIA8bu2hyLlmA8IBTBC1HhFURBIQvRpCyfZ%2F6oS%2BaR%2FFg6%2BfSJhhETvxjvEEdWkx26%2BXEgT57wYCDrM54thzaDXUTCqb%2Fb7Cnpvl%2Bvt5rs9TvCQlkffp4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89b96ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/rec-6.jpg
104.21.7.3 16 kB URL d.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773
GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:47 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8V0tgpYnN%2FvR3nVOeMQwrexeZY5o7rCusuY%2BO7wBL%2BHwuSV%2Ffs3ZcKqPFHcsPoBg0ecOZakR1jq6PO7jdZYP%2BN7B8yVSduS4SR8FcrOju9n2F3MyZatGGkZtTFlLmh90y5mbnPq3QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89b967b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.crystalcrafter.top/ph-new/assets/4.jpg
104.21.7.3 14 kB URL d.crystalcrafter.top/ph-new/assets/4.jpg
IP 104.21.7.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd
GET /ph-new/assets/4.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:47 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PljnaPXswbPwxprTy%2FK4KNukyZm15Il%2BEzNuh1hcsPPMMCnqVLlUgpdPrehYSxqRfmFCnru65EDuCvPtXp0j2%2FkfXdl4uT6SpIbAkjRYbZpn4%2BL8iPH61%2FxgRos3mW3rUv9%2Fs38NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec89f9bbb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
104.21.7.3 28 kB URL qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Hash c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a
GET /ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581 HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thale-gds.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 12 May 2023 07:24:41 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zf9krDvyYj2V5ffP%2BWkjIbcBbVGyeNyc2K5yiemlXAo6ogBnwwFfAqoX7q1ri9UKibbHY%2FWJSnoAqaXmLXVNNntfi8eRrPyyd0OLUYsEhyX0xKblveBXjYezzv6quuj59FNjrABew5QbKnI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c60ec67ace0fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&appspot=
172.67.169.207 9.2 kB URL js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&appspot=
IP 172.67.169.207:0
File type Unicode text, UTF-8 text, with very long lines (23360), with no line terminators
Hash 150e8f8e8810e8beb315230ff44c8392
228109122609ef203ef8453e8066b15ed5344160
01ffd75e0e7b095e41d3ece71a002bfbb95115d8e9642289dce1587f9645d94c
GET /ps/ps.js?edg=true&fullscreen=true&pl=true&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&appspot= HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Cookie: __psu=32d87645-74f4-45b8-af65-59b874d89c39
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:46 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrPEB%2FsbmxrRba58XYTkTpkBXyx0wxHSD%2FqtFV%2BX29kN%2B0MMm4WEiPCxTZ6Ro6hTpa8QMHvYYcAvvVTVYt7n7kRaNHfIp0vFXODKYICJWRXRDrtc4Pgt2eylUg6QoYDsx6jl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec868ba0fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-dimi.akamaized.net/landings/277386/1674482702/js/function.js?1674482703
88.221.27.74200 OK 688 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/function.js?1674482703
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash 5da2c51949f2a873bf0091a104658e72
89d122a536af95bd4183de41fa10e6947c9806e8
80a1aae3b07ee310419c80f52fb2f179bfebc74bf46598bc6b041455feef3201
GET /landings/277386/1674482702/js/function.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: /ugpl+ZA0b1doH5/3yLNYwjDAKG/jKCtMJkzvxvpvrzZL79aKEU2JjkQrEnyWNag7GXqsU0g1LQ=
x-amz-request-id: PQS3MC6QJD41C01W
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "5da2c51949f2a873bf0091a104658e72"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 May 2023 07:24:47 GMT
Content-Length: 688
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
63.32.216.166200 OK 9.4 kB URL User Request GET HTTP/2 oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
IP 63.32.216.166:443
Certificate IssuerLet's Encrypt
Subject*.amouronllne.com
FingerprintF9:EC:62:24:A1:D6:2D:CD:91:E2:B4:81:1C:41:99:4A:3C:28:2C:2D
ValidityTue, 09 May 2023 08:01:37 GMT - Mon, 07 Aug 2023 08:01:36 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (920)
Hash fc2210bf96d6203f048846b6b4802fce
eb04948b494f479e4a5ef8e7ba2d9527bc75c6eb
ef5a34ccc84f591009c636b0dfbe1324f118d58873985c5e042e542059925a60
GET /?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1 HTTP/1.1
Host: oxbnr.amouronllne.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 12 May 2023 07:24:47 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=645ddcb80006a954; Path=/; Expires=Tue, 11 Jul 2023 07:24:47 GMT; Secure; SameSite=None
unique_id2=645d7940000110b3; Path=/; Expires=Thu, 10 Aug 2023 07:24:47 GMT; Secure; SameSite=None
645d7940000110b3_c=1; Path=/; Expires=Thu, 10 Aug 2023 07:24:47 GMT; Secure; SameSite=None
ref_token=187050_169729_43431; Path=/; Expires=Sun, 11 Jun 2023 07:24:47 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Fri, 12 May 2023 07:24:47 GMT; Secure; SameSite=None
645d7940000110b3_sl=[277386]; Path=/; Expires=Fri, 26 May 2023 07:24:47 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/277386/1674482702/js/translates.js?1674482703
88.221.27.74200 OK 10 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/translates.js?1674482703
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash 07cee83d1be10af1ca991d1c60abd6e2
b5f142d6aac82ede612b6cf96b1e7f25d797e87a
6fc50a9d3f16721904905fa44980c6cac2e3e82f5da71c18f84d289dd1bc54d3
GET /landings/277386/1674482702/js/translates.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: TIW3vRFhKm0yCOx8VQ93CAm5ZLwnxLU8dQXppKANNofjPZl8kwWFGfOniviPbWsAJbMVgRtfaBs=
x-amz-request-id: K8AD9DT85B3KC9GP
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "07cee83d1be10af1ca991d1c60abd6e2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 May 2023 07:24:47 GMT
Content-Length: 10048
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/js/jquery-2.2.4.min.js?1674482703
88.221.27.74200 OK 30 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/jquery-2.2.4.min.js?1674482703
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /landings/277386/1674482702/js/jquery-2.2.4.min.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: g0wEjRbeH4tQ2F6XZ6eWOYGJi3wq/1gm9Kh41qYfI2gKqV/7B6qWVpgtkKR5XQNvRcnILDnk9Xo=
x-amz-request-id: K8AFWKA9RCF1DXHJ
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 May 2023 07:24:47 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/js/vegas.js?1674482703
88.221.27.74200 OK 3.4 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/vegas.js?1674482703
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (11568), with CRLF line terminators
Hash 9acc66fdf18dea05bd75165eb5a96259
f613c52a08155727d4f07536d7bc8df5b6fa0c84
4941450491d73ab79ffb428e660c4cb581acbbad86edf8e943211ea51fe3a6c1
GET /landings/277386/1674482702/js/vegas.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: cnTKYV3j0ttH5Z4Sqnkq1TLYPTTKf16p6n7Tcz4Ajrk8GfHWfG08uqKcBGtoz81yZIyzVkp8T7k=
x-amz-request-id: K8ABFAWS7M4M20TR
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "9acc66fdf18dea05bd75165eb5a96259"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 May 2023 07:24:47 GMT
Content-Length: 3401
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/js/title_tanslate.js?1674482703
88.221.27.74200 OK 1.3 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/title_tanslate.js?1674482703
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 5f373fa5bf21c44b9ad23b70ef96e73d
068ef5b63ab18924a286f2c0c3ec46545e08c678
7f40bc2c95ee280de5320ae7d33f2e57eeeb0cda5b5820f2c456a0c9ba50ed77
GET /landings/277386/1674482702/js/title_tanslate.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: womzwfdvfx122HJC0dkG0vHaksbMgIvli2lULFltXAz+5rgXrN7rmt336XJc+hVlIHRzOUBFSVk=
x-amz-request-id: 9VNRHSM75H7FXJE5
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 May 2023 07:24:47 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/js/tn_pHash.js?1674482703
88.221.27.74200 OK 252 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/js/tn_pHash.js?1674482703
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash 3544c08851825a863747a126548d6993
01882998e61b9f93d5f346386fa633f6b8d95b2d
9804b1c7443db74b2d7fe81cf11d84c8f0d9a7dee281b4fe8c15552bdc7eed69
GET /landings/277386/1674482702/js/tn_pHash.js?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: RKQIuPs47jw+GgV2YdzWtFHlInC0b1aKeP34MEdhK5mIMAIi06KYslboBYE8MYcQk0fLCThqxAk=
x-amz-request-id: 9VNGXFK5QS5WRCK2
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "3544c08851825a863747a126548d6993"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 252
Server: AmazonS3
Date: Fri, 12 May 2023 07:24:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/logo-white.png
88.221.27.74200 OK 9.5 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/logo-white.png
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 300 x 124, 8-bit colormap, non-interlaced\012- data
Hash 27a8fdccc08741c52422bd4852f87c3a
b103730d95829f64c0746b97a85e0ada4f6c18a2
7afbc6f7cb728a9b4dfd7791a8207c60bdd255ea2f00ba12880bee15f7fbdff0
GET /landings/277386/1674482702/images/logo-white.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 88wUEndrDOVjhFDoJFuImNKhB1vuAo0EPKK1v0j+XWtpjdZgrqXQzMAcudO4WTDX7q7XpMg0zrg=
x-amz-request-id: G2MAJFMWPEEEC571
Last-Modified: Mon, 23 Jan 2023 14:05:05 GMT
ETag: "27a8fdccc08741c52422bd4852f87c3a"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9461
Date: Fri, 12 May 2023 07:24:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/logo.png
88.221.27.74200 OK 41 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/logo.png
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 1024 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash c0647e470e90e4e76c886ef3f4c651ac
fe1dd72ac0432bd8f261672c7c336cf902503d3c
1d4ad487984a8f689c904f3c2532f034b03d361c081dae581752cdc20d983037
GET /landings/277386/1674482702/images/logo.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: saaPX+6fCw1usaKklFw/lLXMWpDahD/h8HepIyRfp7tUjVa7nFU3kzNWR8/Kzs6O4Gu2cP8tbQI=
x-amz-request-id: 40R9FR8B9BMRDAP2
Last-Modified: Mon, 23 Jan 2023 14:05:05 GMT
ETag: "c0647e470e90e4e76c886ef3f4c651ac"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 40774
Date: Fri, 12 May 2023 07:24:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/1.jpg
88.221.27.74200 OK 62 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/1.jpg
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 900x1280, components 3\012- data
Hash 765620bf3d6dcdb5495b70409b6b4ba8
f4a00a38ca93130e5e0398deea0ba2f928e2172b
e0d65a21b743f7fe6de2f4bd57316546e7f30c7810740d68322a44dfe3004373
GET /landings/277386/1674482702/images/1.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 0IGyT7tlwD+javoqF5rupwK8gjGVk52VprSOJLiY//EhvaPsm5EfkLCuvSE+02Fsv8gqBo8Z6P0=
x-amz-request-id: VE9X02YRNZABFEV2
Last-Modified: Mon, 23 Jan 2023 14:05:06 GMT
ETag: "765620bf3d6dcdb5495b70409b6b4ba8"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 62164
Date: Fri, 12 May 2023 07:24:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/110010_2.jpg
88.221.27.74200 OK 29 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/110010_2.jpg
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Hash 2b8ac4e50a5bbbe4e6ea964bec7f3086
5486267315a7cd9eca01fa2fc6007060189c8b4f
8f700ae9dd68bd1130d528b77e1de92b4945e036060fdb01a02ccc148ab24ab3
GET /landings/277386/1674482702/images/110010_2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: S10dPOpyBqY7oQzqzXfrZlfoHTUh6afcFTek1SEhaCO5C4zowvEWBZApe9rkVvRTn0os/h31WsI=
x-amz-request-id: 40R8K5Q3GPVDKC89
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "2b8ac4e50a5bbbe4e6ea964bec7f3086"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 29319
Date: Fri, 12 May 2023 07:24:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 4ca643eb908b2ebf8e99708e63435736
f5fe3576d1fab4b0958e51a59e1c12e2e927de03
a9377a71a606b86c932196ab7efadacb7ec1b93d67e1e3df06d5bfac71161d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 May 2023 07:24:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 4ca643eb908b2ebf8e99708e63435736
f5fe3576d1fab4b0958e51a59e1c12e2e927de03
a9377a71a606b86c932196ab7efadacb7ec1b93d67e1e3df06d5bfac71161d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 May 2023 07:24:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 4ca643eb908b2ebf8e99708e63435736
f5fe3576d1fab4b0958e51a59e1c12e2e927de03
a9377a71a606b86c932196ab7efadacb7ec1b93d67e1e3df06d5bfac71161d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 May 2023 07:24:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oxbnr.amouronllne.com/ortb
63.32.216.166200 OK 29 B URL POST HTTP/2 oxbnr.amouronllne.com/ortb
IP 63.32.216.166:443
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerLet's Encrypt
Subject*.amouronllne.com
FingerprintF9:EC:62:24:A1:D6:2D:CD:91:E2:B4:81:1C:41:99:4A:3C:28:2C:2D
ValidityTue, 09 May 2023 08:01:37 GMT - Mon, 07 Aug 2023 08:01:36 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c453d1e33844d14bbd7ec2846eb408f6
b934f52ed7fbed0cee5874cb0fcafdd1cb450fcd
2b159267580e469b4eed0aaf47253e353fdf727043d52d969bd85cbff7fd4a1a
Analyzer Verdict Alert fortinet Phishing
POST /ortb HTTP/1.1
Host: oxbnr.amouronllne.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 330
Origin: https://oxbnr.amouronllne.com
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/?s1=43431&s2=1106323&s3=&s5=backuser&click_id=&iexpp=1&j1=1&j5=1&utm_source=da57dc555e50572d
Cookie: unique_id=645ddcb80006a954; unique_id2=645d7940000110b3; 645d7940000110b3_c=1; ref_token=187050_169729_43431; 645d7940000110b3_sl=[277386]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 12 May 2023 07:24:48 GMT
content-type: text/plain; charset=utf-8
content-length: 29
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 89df013e8608d07679738c5bed6b85f6
49951a3cf8def7832e44ef5d8448ccea2f9c0391
2680bd8acd47863cffaafb8d8c7384abe08358ce137bdb2e4fcf9ab61840f7e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 May 2023 07:24:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 89df013e8608d07679738c5bed6b85f6
49951a3cf8def7832e44ef5d8448ccea2f9c0391
2680bd8acd47863cffaafb8d8c7384abe08358ce137bdb2e4fcf9ab61840f7e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 May 2023 07:24:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:443
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbnr.amouronllne.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 03:11:48 GMT
expires: Sun, 05 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 533580
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
142.250.74.74200 OK 16 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
IP 142.250.74.74:443
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type gzip compressed data, max compression\012- data
Hash 4f7dea659c1a8a5efa38f7dc2d4a0164
efc920bbd49491b6822c23d91e09f4ea221f33cc
751ccc9e6af445efc3282dff0dc16ba232625a199d4dbdd491476783357c4a0b
GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 12 May 2023 07:24:47 GMT
date: Fri, 12 May 2023 07:24:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
qwfuu.crystalcrafter.top/ph-new/assets/style.css
104.21.7.3 8.4 kB URL qwfuu.crystalcrafter.top/ph-new/assets/style.css
IP 104.21.7.3:0
File type ASCII text, with CRLF line terminators
Hash 807d696b86114245f8eda3dce43f61ff
6d65ffaf8ec2107db8f1d29c410f152a8b809a56
7524af6d5f36df3e5d5c8148bc63e3956de050fa262fc0589e2a58dc606977bc
GET /ph-new/assets/style.css HTTP/1.1
Host: qwfuu.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qwfuu.crystalcrafter.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=c9d5f1365a4acf5282bc72ce2edc40a3-11246-0512&sub_id=parkdom&hash=568_3sFiJl-BsuTGgAll5w&exp=1683876581
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 12 May 2023 07:24:41 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-5f33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3145
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edMph1Ae4467J8g7N54ZqtBC9X93cNnlXDTvl51YdDPrMakbPYH6HmregyyOiHagfeGdRcZb1uNRi6fkuDeDtlTQuSSIo2K1eNFyjBZqRpuyfG3vfVrDU8MGDczaHe0SQNS8NzqwBqV7cJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c60ec69688ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-dimi.akamaized.net/landings/277386/1674482702/images/favicon.png?t=20230512072447
88.221.27.74200 OK 4.1 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/favicon.png?t=20230512072447
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 40a54c3ecf143b64096b063ff793fdbb
017eafffc5e55226a2aec0dd3c03f1b6130a6bab
39b439471019cb16f819e05166d23492593310fd55cce8471062d8f2dc5de423
GET /landings/277386/1674482702/images/favicon.png?t=20230512072447 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Rfspv8gcrUbdk91V4hkf0D5j2kxpCzqU6vPK2X1EPgTgzP2N+V97ZctRCurJCmL183Q6zyzLArI=
x-amz-request-id: S9G7NM7MNVV1FP6D
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "40a54c3ecf143b64096b063ff793fdbb"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4093
Date: Fri, 12 May 2023 07:24:48 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/2.jpg
88.221.27.74200 OK 103 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/2.jpg
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 960x1280, components 3\012- data
Size 103 kB (102832 bytes)
Hash 3b8b455b24c71ae1f928266241e9517e
8b98ca60c92b83e039c3b996f090883ed8b7ca75
c8d05f7eda85f68f0a08307eeee4e481282fda95570dd53f300b8aadd4f504f6
GET /landings/277386/1674482702/images/2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: hODAwaxhhoNUzaw+wGQIdlKGG1r6rlm0Gl11mKPn3J7w0gqE64598E1ANjtxBygXrh+DY1h3pjY=
x-amz-request-id: JTW6JJFVF42X0DH8
Last-Modified: Mon, 23 Jan 2023 14:05:05 GMT
ETag: "3b8b455b24c71ae1f928266241e9517e"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 102832
Date: Fri, 12 May 2023 07:24:49 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/3.jpg
88.221.27.74200 OK 150 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/3.jpg
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1108x1280, components 3\012- data
Size 150 kB (149812 bytes)
Hash 8ff03d86c53d978e5527374b5bcd5114
2b63b0853d74e24d74d26dbf9622c407e3c74ea9
10dedae19a11a0cf1cea2db4646bde720e63e35140f38ae3453fa2a4e4649e1c
GET /landings/277386/1674482702/images/3.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Xirc4fkz0JOSaRS7VBS3M8nzLP7O9RnlkHucQpuinBkelD+B+7nBZr41dGSTLSs2/GCSrwUj0pg=
x-amz-request-id: XJSRKQFA4YQZWMJS
Last-Modified: Mon, 23 Jan 2023 14:05:06 GMT
ETag: "8ff03d86c53d978e5527374b5bcd5114"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 149812
Date: Fri, 12 May 2023 07:24:49 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/images/1.mp4
88.221.27.74206 Partial Content 1.6 MB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/images/1.mp4
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 1.6 MB (1560164 bytes)
Hash 379ddec6d7d6e118bd7565d1c83dbb90
16becb1b44f3f35b0fa239668901338cba6eff06
5635dd2c6c23dfdc3e4eb82afc4231a27e8522ec332b8568a3fc7ae8755fec94
GET /landings/277386/1674482702/images/1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
x-amz-id-2: 1Ax9N+Cfw91vDfS7SxXRZKuE+o4c4UcnjyTZdFm9/oi70hWYxtxdgby+ENQIv8dZ+MsudWMhl4o=
x-amz-request-id: FBRABVME30ZYGQHT
Last-Modified: Mon, 23 Jan 2023 14:05:05 GMT
ETag: "379ddec6d7d6e118bd7565d1c83dbb90"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Fri, 12 May 2023 07:24:49 GMT
Content-Range: bytes 0-1560163/1560164
Content-Length: 1560164
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/277386/1674482702/css/style.css?1674482703
88.221.27.74200 OK 15 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/css/style.css?1674482703
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash c0e91ee9eeac065a145dea1b96ebfd1e
6b6d48177a222b18dc1de0ff775de8f6cb963431
daccaf7e9b15704dc69729967a3be708994fff4d7b6c3f63f17b9d37be32cdc5
GET /landings/277386/1674482702/css/style.css?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: iOgibq5bwefJNmBXigm/qdf31H9uHOKWbNj1r4p/15+8eEKl+gz6QF7Oq9nqECsCF/0ArpYr5Z0=
x-amz-request-id: 6GM9SRD41YNSD1QV
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "c0e91ee9eeac065a145dea1b96ebfd1e"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 May 2023 07:24:47 GMT
Content-Length: 2985
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
142.250.74.74200 OK 6.8 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
IP 142.250.74.74:443
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:3F:7F:CC:E7:90:DA:64:23:AC:13:1E:55:7A:62:1E:2B:E4:30:5C
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type ASCII text, with very long lines (7013), with no line terminators
Hash 49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09
GET /css2?family=Roboto:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 12 May 2023 07:24:48 GMT
date: Fri, 12 May 2023 07:24:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/277386/1674482702/css/popup.css?1674482703
88.221.27.74200 OK 1.7 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/277386/1674482702/css/popup.css?1674482703
IP 88.221.27.74:443
ASN #20940 Akamai International B.V.
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (1789), with no line terminators
Hash 039d7fdf5f694c6e7da2d65368d0b66f
130d21bb24dce77b96f097bb6960ee94465678df
3259c640671ef64abcfeefe4536727063814443a71df8d776833b6ac01633d52
GET /landings/277386/1674482702/css/popup.css?1674482703 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oxbnr.amouronllne.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: bv87+9sEAgmF+9LmuaJa+60f+HCwvQ7gaxcSgupAnxavvLT0mzlVWXHwU9nfTHQNVV6BjRfVYJc=
x-amz-request-id: KPETMBYZ91Z3NR3T
Last-Modified: Mon, 23 Jan 2023 14:05:07 GMT
ETag: "5a61d45142ce5764a2b36dc75343fcd5"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 12 May 2023 07:24:47 GMT
Content-Length: 635
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:443
Requested by https://oxbnr.amouronllne.com/?utm_source=da57dc555e50572d&s1=43431&s2=1106323&s5=back&j1=1&j5=1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintD2:67:59:66:D0:D5:C9:19:F4:2D:E4:65:4B:EA:E1:50:8D:D2:3E:1D
ValidityMon, 17 Apr 2023 08:25:28 GMT - Mon, 10 Jul 2023 08:25:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbnr.amouronllne.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 06 May 2023 07:44:41 GMT
expires: Sun, 05 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 517207
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2