Report - xn--74qw2ce58goua.xn--nqv7f/

Report Overview

Submitted URL
xn--74qw2ce58goua.xn--nqv7f/
IP
151.139.128.11
ASN
#20446 STACKPATH-CDN
Submitted
2023-02-01 09:33:01
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.2 kB	93.184.220.29
i.postimg.cc	23840	2018-04-11T12:01:12Z	2023-03-13T05:19:26Z	393 B	18 MB	162.19.61.80
secure.livechatinc.com	6541	2012-08-20T21:27:12Z	2023-03-13T05:22:03Z	579 B	2.7 kB	23.36.79.17
accounts.livechatinc.com	7698	2017-07-31T07:50:56Z	2023-03-13T05:22:04Z	492 B	1.7 kB	23.36.79.17
cdn.livechat-files.com	28080	2020-04-22T11:40:29Z	2023-03-13T08:09:02Z	452 B	11 kB	23.36.79.17
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	420 B	1.1 kB	104.16.86.20
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	435 B	630 B	142.250.74.74
res.cloudinary.com	2520	2012-10-03T10:31:44Z	2023-03-13T05:54:09Z	444 B	27 kB	151.101.129.137
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.131
img.pay4d.info	93767	2019-09-25T05:12:55Z	2023-03-13T06:56:23Z	18 kB	501 kB	104.19.136.75
cdn.livechatinc.com	6288	2012-06-22T10:37:34Z	2023-03-13T05:22:02Z	3.1 kB	148 kB	23.36.79.17
xn--74qw2ce58goua.xn--nqv7f	unknown	2022-12-12T14:23:11Z	2023-01-13T17:52:35Z	816 B	18 kB	151.139.128.11
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.160.120.175
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-13T05:09:57Z	394 B	31 kB	69.16.175.42
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.0 kB	115 kB	216.58.207.227
becak4dw.com	unknown	2023-01-27T22:07:41Z	2023-01-27T22:07:41Z	11 kB	1.7 MB	172.67.154.182
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	380 B	78 kB	142.250.74.40
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	712 B	443 B	216.239.32.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
api.livechatinc.com	5353	2013-12-20T15:27:35Z	2023-03-13T05:22:02Z	2.1 kB	7.3 kB	23.36.79.17
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-01 09:33:10	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-01 09:33:10	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-9FL1213YT1	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-9FL1213YT1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:04:23 Last Seen2023-03-13 14:04:23 Times Seen1 Hash 14766a62c3d15f6be900092dfde407c0 116379a8ac5390ae330804576f68d4d6e23061e8 5ac1d080690dff6a6014843773df48c04710f401844730e518be220999945da5 Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-19 23:32:27 Times Seen259921 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	becak4dw.com/	169 B	2023-03-07	2024-02-20
Pretty URL becak4dw.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2024-02-20 23:26:03 Times Seen244 Hash b21e43c0570e9fc4f8205b825bb547ec b5246ed21fcc5fa2a3dc128e2054c77eadf2bc8d dc768117ef69bdcdd52eaad2b2207c142fcf34775e10165ef4f6d42a611cb69c Loading...

	cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js	48 kB	2023-03-08	2023-03-17
Pretty URL cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-03-17 22:17:08 Times Seen1 Hash 10a3d7ac1ed37325d3341c379ee0de69 568234e1f256abe6987b7c9965b51bbc119c0160 8250a0a8a2b63bfae72b2604bc53e7764530aa08651e7c0cb253a90a6c762a8c Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=13133205&group=0&embedded=1&widget_version=3&unique_groups=0	105 B	2023-03-07	2023-04-05
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=13133205&group=0&embedded=1&widget_version=3&unique_groups=0 IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2023-04-05 02:06:41 Times Seen330 Hash d30bfddcdb3764a782b7c8584021d1d6 64ed02149d0db57e6c1d68992361d7c1330a663a 5a8894efd9ef253bc344f5587ea4fb4f4b8da39d4dbd49a390c2302898411623 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 00:43:45 Times Seen36969158 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	becak4dw.com/js/webduo35.js	28 kB	2023-03-08	2023-04-20
Pretty URL becak4dw.com/js/webduo35.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:02:12 Last Seen2023-04-20 04:38:05 Times Seen58 Hash 03202158f907e827e9eca32f48e68d7a af1ce4eb09aff731dcb5b60220efb67b955048a1 de786ed07d8d63eb4363dab605cf35309cba929aac48c02f00a9f3697c4a9f77 Loading...

	becak4dw.com/	64 B	2023-03-07	2023-04-20
Pretty URL becak4dw.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2023-04-20 04:38:05 Times Seen45 Hash 7008b4cf27e5df1c0e715885bb4dcd72 8aff2414558b1345a6f67d1783d73116d5de566e 03e31cacefb756fe9eba705d8b69db35e9e63c86ea4ff74cbe99c10a8663af03 Loading...

	becak4dw.com/	747 B	2023-03-13	2023-03-13
Pretty URL becak4dw.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:04:23 Last Seen2023-03-13 14:04:23 Times Seen1 Hash b708a52d7acc5154ec9639490c1e38ea 2c564efb503619042125395d038da874b078a383 64867d2aa311a75b002e17c359cd0e7a08da79fa120ad34a7cecfa3456845700 Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=13133205&group=0&embedded=1&widget_version=3&unique_groups=0	2.5 kB	2023-03-13	2023-03-14
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=13133205&group=0&embedded=1&widget_version=3&unique_groups=0 IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:26:07 Times Seen1 Hash 0adfdee1bff3ae07357fcfca6cafc1fc 653c2a38a1047e3c6384942a315ab8b67e676e65 a8b49021237400981adbe4b95cf0f8a17c87ea0a1f88191ee0ccadc66b370ce6 Loading...

	cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js	764 kB	2023-03-13	2023-03-14
Pretty URL cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:26:06 Times Seen1 Hash 90cad0f1a20bbe0c7b70af650ab7491a e666a88b94923655225458041b850961df4e4ebe 5741acb692282784583db77424af958b107b6ba21a6e6e0b2c44b12d74b5c34c Loading...

	becak4dw.com/js/jquery.pause.min.js	1.7 kB	2023-03-07	2024-01-09
Pretty URL becak4dw.com/js/jquery.pause.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2024-01-09 19:36:30 Times Seen48 Hash 17e6addbebb0c8408de8629c8cd5ac46 a9a7d181c4361235077b4ecb8f73bcd90d2bdbc2 201542af15d8f2840e6e0ed30a359092760f6a394a3e1dbecf61b5ffbd5bdbe1 Loading...

	becak4dw.com/	299 B	2023-03-07	2023-04-20
Pretty URL becak4dw.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2023-04-20 04:38:05 Times Seen46 Hash 1ad30f8431977e691204a8e80ea23ca1 7b73359f36d3fe2dcad66fd4486469a5a88c3053 9bd444d31d819741ad3c625ccef43571313e7370ab16642ec4a0fe78d741aaf9 Loading...

	becak4dw.com/	90 B	2023-03-07	2024-04-18
Pretty URL becak4dw.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2024-04-18 14:17:53 Times Seen868 Hash cc3c144b883a3abdbbe71701ebb0e66b 9a6863582eebab6a5c00391ef8a37b3afa855945 26ded8f2b1b53d104c738332e3ede0dc27518fe9aba6ecb67be692592f02e88a Loading...

	cdn.livechatinc.com/tracking.js	87 kB	2023-03-13	2023-03-14
Pretty URL cdn.livechatinc.com/tracking.js IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:27:26 Times Seen1 Hash 29e075294399875f6fd4bdaa0f4a20e4 4b66dda1ae90f520557c9e3190686a4c4301282c b3fcf409ea4cc82df451395238d14a5c25a8bde7f6d6bf547125ed0b374e2dda Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13133205&url=https%3A%2F%2Fbecak4dw.com%2F&channel_type=code&jsonp=__p9teo2tki2	264 B	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13133205&url=https%3A%2F%2Fbecak4dw.com%2F&channel_type=code&jsonp=__p9teo2tki2 IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:04:23 Last Seen2023-03-13 14:04:23 Times Seen1 Hash 813d999f13d28a08a13002f780fa3195 7689eba745da2600552ee4f2ac7d5ce98cd7497d 60b1e6103730bdaca3d1be693780e4a0d4fcff99adc5570ff4d2249922b963ed Loading...

	becak4dw.com/	153 B	2023-03-13	2023-03-13
Pretty URL becak4dw.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:04:23 Last Seen2023-03-13 14:04:23 Times Seen1 Hash 7649dbbf4a2be8e0a55f945dd8d09db9 4f4de2676970bab6b6f6e78475a28b6452bbe71b d696c4740302928d58643688e0db3f468474412d4aee3afe898a63e62501a67e Loading...

	cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js	40 kB	2023-03-07	2024-04-19
Pretty URL cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js IP 104.16.86.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 18:34:27 Times Seen12114 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	becak4dw.com/	22 B	2023-03-07	2023-04-20
Pretty URL becak4dw.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2023-04-20 04:38:05 Times Seen45 Hash 6382d7fb0376e831649246353e4d1c72 f710ee7a7b67204ec04c159ff2c233487cd3d1af f6ec71fffc73475ba11ca4ddcff8b317f4a53b164575728e6b804eba990fe4d8 Loading...

		Size	First Seen	Last Seen
	#1 Write - 8f541e8dab3e1e1530dceda0e859d6f3	13 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:04:23 Last Seen2023-03-13 14:04:23 Times Seen1 Hash 8f541e8dab3e1e1530dceda0e859d6f3 e425e588664d7f4419e97bf1c18c3d4a4066a5c8 6af95a62680c87d43aca436cd68ce0b9e2d5dee5c1af1d3493b52d118a11c20d Loading...

	#2 Write - 930b0f390f48f54aa49cd05c399435ab	30 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:04:23 Last Seen2023-03-13 14:04:23 Times Seen1 Hash 930b0f390f48f54aa49cd05c399435ab eb22a8fc1312d3cd1b5767d47502ee9a2222ca1d eebf005be8ffb13bc9a0092d0346c670b59df99157bf6ddb0bcc374d426d31b8 Loading...

	#3 Write - e9c7786f9a223c059200a8d741e6e95e	36 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:04:23 Last Seen2023-03-13 14:04:23 Times Seen1 Hash e9c7786f9a223c059200a8d741e6e95e 7654163f0d29f4d2553c6652a4660b936b39f2c5 0728009144603728707fb7c6f35be867577b492c18f4bc399bfc2dd20f3106e7 Loading...

HTTP Transactions (125)

	URL	IP	Response	Size
	xn--74qw2ce58goua.xn--nqv7f/	151.139.128.11	301 Moved Permanently	0 B
URL HTTP/1.1 xn--74qw2ce58goua.xn--nqv7f/ IP 151.139.128.11:0 ASN #20446 STACKPATH-CDN File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: xn--74qw2ce58goua.xn--nqv7f User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Date: Wed, 01 Feb 2023 09:32:47 GMT Accept-Ranges: bytes Cache-Control: max-age=0 Location: https://xn--74qw2ce58goua.xn--nqv7f/ X-HW: 1675243967.cds225.sk1.h2,1675243967.cds071.sk1.c Access-Control-Allow-Origin: * Connection: keep-alive Content-Length: 0`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7e05c8461bd2dc5a149f71e2c465ea29 705983959c887e243cb55a8a1796757b579ee977 4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922" Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12170 Expires: Wed, 01 Feb 2023 12:55:37 GMT Date: Wed, 01 Feb 2023 09:32:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 62de35a6c8e4efd7633fc5236b5b086f 6a92912a86dfcd0330d040cef06bef36889c76ab ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC" Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3209 Expires: Wed, 01 Feb 2023 10:26:16 GMT Date: Wed, 01 Feb 2023 09:32:47 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 01 Feb 2023 08:43:25 GMT content-type: application/json age: 2963 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8000 Expires: Wed, 01 Feb 2023 11:46:08 GMT Date: Wed, 01 Feb 2023 09:32:48 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: It4xmz26jgU20/J1QGb+P1LXWGKyH6yWMA0/HMQk2RGIw36woA6DgLnKn2xr8p3tvkpzIAN+y9I= x-amz-request-id: HKQC2T07931VBTZ5 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 01 Feb 2023 09:22:36 GMT age: 612 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 01 Feb 2023 09:32:48 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 01 Feb 2023 08:41:42 GMT age: 3066 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5393 Expires: Wed, 01 Feb 2023 11:02:41 GMT Date: Wed, 01 Feb 2023 09:32:48 GMT Connection: keep-alive`

	ocsp.pki.goog/s/gts1p5/Z2kEB-hAwMg	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Z2kEB-hAwMg IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4603bcfadf57c18162c5652c1b53bfb6 e59de6c337b251531a005fa513c4341be0fa9133 80c0b294d858ac978bad4c4dcfa7fd14f8a66bbb9b1ddb446bf38e0771e002a2 HTTP Headers `POST /s/gts1p5/Z2kEB-hAwMg HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:48 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	35.160.120.175	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.160.120.175:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: DyxPe732usBY/rs8NW4brw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: TGIX4ZOemWfIBK2RET8xAou9pao=`

	ocsp.pki.goog/s/gts1p5/Z2kEB-hAwMg	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Z2kEB-hAwMg IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4603bcfadf57c18162c5652c1b53bfb6 e59de6c337b251531a005fa513c4341be0fa9133 80c0b294d858ac978bad4c4dcfa7fd14f8a66bbb9b1ddb446bf38e0771e002a2 HTTP Headers `POST /s/gts1p5/Z2kEB-hAwMg HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:49 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	res.cloudinary.com/didpmkqp2/image/upload/v1619904042/klipartz.com_shuh9m.png	151.101.129.137	200 OK	27 kB
URL HTTP/2 res.cloudinary.com/didpmkqp2/image/upload/v1619904042/klipartz.com_shuh9m.png IP 151.101.129.137:0 ASN #54113 FASTLY File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data Size 27 kB (26786 bytes) Hash 10ea7e1fac5620d7b65ba9e30ea58921 cdfe0f1c9d37383a2897d1e5eb724537d69eb9f9 ddf5a6c31abfe43b95455c4ba4f0a4596563cc8a544eb3e6e546bfa96e78025b HTTP Headers `GET /didpmkqp2/image/upload/v1619904042/klipartz.com_shuh9m.png HTTP/1.1 Host: res.cloudinary.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK content-type: image/png etag: "10ea7e1fac5620d7b65ba9e30ea58921" last-modified: Sat, 01 May 2021 21:20:43 GMT date: Wed, 01 Feb 2023 09:32:49 GMT strict-transport-security: max-age=604800 cache-control: public, no-transform, immutable, max-age=2592000 server-timing: fastly;dur=4;cpu=3;start=2023-02-01T09:32:49.383Z;desc=hit,rtt;dur=17 server: Cloudinary timing-allow-origin: * access-control-allow-origin: * accept-ranges: bytes x-content-type-options: nosniff access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options content-length: 26786 X-Firefox-Spdy: h2

	xn--74qw2ce58goua.xn--nqv7f/	151.139.128.11	301 Moved Permanently	18 kB
URL HTTP/2 xn--74qw2ce58goua.xn--nqv7f/ IP 151.139.128.11:0 ASN #20446 STACKPATH-CDN File type data Size 18 kB (17710 bytes) Hash aac194b089ecdabd760d51a0c1b80038 d11858afb65f62c62c526847fc03013847729b23 62c2c9832ec1c6e2cf9354c4219a94329ce6c88a262d0e78781e83716a3da52d HTTP Headers `GET / HTTP/1.1 Host: xn--74qw2ce58goua.xn--nqv7f User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 301 Moved Permanently date: Wed, 01 Feb 2023 09:32:48 GMT accept-ranges: bytes content-encoding: gzip content-type: text/html; charset=iso-8859-1 server: Apache location: https://becak4dw.com/ x-hw: 1675243968.cds244.sk1.hn,1675243968.cds258.sk1.sc,1675243968.cds258.sk1.p access-control-allow-origin: * X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5 e286810b718e374858f11adf0aae18dc65f27d66 73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash 74bf52175bfb09d8c91ca37ca9f7fd18 bfe2ef906b2e3f25ce8450eff523c420a78eb72f de1be94ea1ae1d0c7d377dda01c750bae11412333cc18bd5e53420cef00b527e HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5726 Cache-Control: max-age=120807 Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:49 GMT Etag: "63d9504a-118" Expires: Thu, 02 Feb 2023 19:06:16 GMT Last-Modified: Tue, 31 Jan 2023 17:30:50 GMT Server: ECS (ska/F71E) X-Cache: HIT Content-Length: 280`

	www.googletagmanager.com/gtag/js?id=G-9FL1213YT1	142.250.74.40	200 OK	78 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-9FL1213YT1 IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (21849) Size 78 kB (77730 bytes) Hash 7e279e7b423517a115d89bfb4ae7e528 6205a427b99f0812b76d141629322814bfbc7601 ad9b74173cd63fc4fb1d6d705d1f0558769bf1de956e29e4a68ff56e717fe3da HTTP Headers `GET /gtag/js?id=G-9FL1213YT1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Wed, 01 Feb 2023 09:32:49 GMT expires: Wed, 01 Feb 2023 09:32:49 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 77730 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.6.0.min.js	69.16.175.42	200 OK	31 kB
URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.42:0 ASN #20446 STACKPATH-CDN File type ASCII text, with very long lines (65447) Size 31 kB (30875 bytes) Hash 899f0189aaf034bbba5340f724d91dfa 210ea9de03968edb9d839ba4a0ce2d48666a8ab8 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f HTTP Headers `GET /jquery-3.6.0.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://becak4dw.com Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-encoding: gzip content-length: 30875 content-type: application/javascript; charset=utf-8 last-modified: Fri, 20 Aug 2021 17:47:53 GMT accept-ranges: bytes server: nginx etag: W/"611feac9-15d9d" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1675243969.dop212.sk1.t,1675243969.cds259.sk1.hn,1675243969.cds210.sk1.c X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash c004ef398fc2138876eac9e202e6e7c9 9b695108fe043113ee8dc3369be58234f1a73323 ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5 e286810b718e374858f11adf0aae18dc65f27d66 73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash 74bf52175bfb09d8c91ca37ca9f7fd18 bfe2ef906b2e3f25ce8450eff523c420a78eb72f de1be94ea1ae1d0c7d377dda01c750bae11412333cc18bd5e53420cef00b527e HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5726 Cache-Control: max-age=120807 Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:49 GMT Etag: "63d9504a-118" Expires: Thu, 02 Feb 2023 19:06:16 GMT Last-Modified: Tue, 31 Jan 2023 17:30:50 GMT Server: ECS (ska/F71E) X-Cache: HIT Content-Length: 280`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 789b41f1f8027d4275a66ac9cb2f124d c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79 e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2	216.58.207.227	200 OK	9.6 kB
URL HTTP/2 fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 9588, version 1.0\012- data Size 9.6 kB (9588 bytes) Hash 55d912c794126956bb1e8f41597c131f f7ade582dbe9d0efe97ae105cab313c6e45904d4 8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699 HTTP Headers `GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://becak4dw.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9588 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 27 Jan 2023 02:06:42 GMT expires: Sat, 27 Jan 2024 02:06:42 GMT cache-control: public, max-age=31536000 last-modified: Tue, 19 Apr 2022 18:29:39 GMT content-type: font/woff2 age: 458767 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 789b41f1f8027d4275a66ac9cb2f124d c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79 e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 09:32:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	becak4dw.com/images/bgline3.png	172.67.154.182	200 OK	1.2 kB
URL HTTP/2 becak4dw.com/images/bgline3.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 404 x 6, 8-bit/color RGB, non-interlaced\012- data Size 1.2 kB (1214 bytes) Hash d04fc7acfdce9e248847668c5f82c364 d7414c0ca807905fa3c2980e369703e3051abb4c 939e8a5583f3db8796c5ecaf1ab123eb89150f730b1dafa513cf3efb7a2a7fa9 HTTP Headers `GET /images/bgline3.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 1214 last-modified: Wed, 08 Sep 2021 05:37:05 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5q09%2BWs7AA6ybDCJSoh2ciFaScKMAMaKi0sqyUYU0ACZ2VniGT4zn1C4fP3L9cXX4DQda4Yfp9zOou44%2FAvjeZSzw0KNvRbVt8eC5Wb21%2F6vFshOaSWLS4xzq%2FSvRg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae985eb20b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/jpn.png	172.67.154.182	200 OK	10 kB
URL HTTP/2 becak4dw.com/images/jpn.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 90 x 90, 8-bit/color RGBA, interlaced\012- data Size 10 kB (10078 bytes) Hash bf14243b4097db1a28c9a76d50e06951 9753fc9b352be580cc04837a728b58cb2eb72e24 9d4db28109cd310ca3cd0f26265b2ea38289f03e51b505cf05fa535e723a3b01 HTTP Headers `GET /images/jpn.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 10078 last-modified: Sat, 19 Nov 2022 02:56:01 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VvplAb0G5Oi4vrbSpVelP%2F9nrb%2FC8hNJ0TsWGnC%2F9xPQ12bRXD55eAQVwfy8%2B5Vt0FHX9byoHGZzMH2pWehzjc7xL%2FHnNGrzofa4qBllOcDWCljA8eLbvZJP4SceZk%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae986ed30b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/psr-sg.png	172.67.154.182	200 OK	5.8 kB
URL HTTP/2 becak4dw.com/images/psr-sg.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data Size 5.8 kB (5752 bytes) Hash 62f2ba4b9e6571ffa4aaff9df88a1363 062d797e0b0e5d72fe4c67326da651e98120d997 eb3dba84673c3872ef5b868fd31ad9eff4138e566609cfd9fea427d218bb1413 HTTP Headers `GET /images/psr-sg.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 5752 last-modified: Mon, 20 Sep 2021 09:14:08 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLq13NFRH1NC5IH6J2QPcsjVBRt5NGbKtA1NroiDmpySMGBEPiJ8Q4Qh4Itm0a%2F6Qd5w%2BwomDjmmOx9gDZoRpmFHog9HV7YHhGDXOp2CYpbhLgcp4aVTLblaIWRBZ38%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae987ed80b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/osaka.png	172.67.154.182	200 OK	3.9 kB
URL HTTP/2 becak4dw.com/images/osaka.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 90 x 90, 8-bit gray+alpha, non-interlaced\012- data Size 3.9 kB (3919 bytes) Hash 31a2284d43ef0077b79a2bc2a87b7ad9 8c517f8d36b7ada93f62905b48d74694b51e15f0 cc5b4edf1e6d20634e7bfba82da1ce83262a939e4808723681c6c3e1fe989b90 HTTP Headers `GET /images/osaka.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 3919 last-modified: Sat, 19 Nov 2022 02:56:11 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6J5p26Ds%2F2fOn02djwwgsLLn9yJ5l23QjTKgWBjoG3XuvM%2Fxn7bqdM1b97aaKZziLHR7Z5d4ROut8QyGSvoNvtOUby7e9LVgLeQEPzO%2BeEWTL%2F9ulask%2BARHQfxmJw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae986ed40b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/shang.png	172.67.154.182	200 OK	4.5 kB
URL HTTP/2 becak4dw.com/images/shang.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 90 x 90, 8-bit gray+alpha, non-interlaced\012- data Size 4.5 kB (4533 bytes) Hash 5091931a7bc600f2b20679b3a2edeb62 dec4a9c742d9ef76026e402dddbe2adf2d7731f2 24231bedcee9eac8c254c2f0cb046ac9c63bca863ad3f66765b90890d59fae36 HTTP Headers `GET /images/shang.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 4533 last-modified: Sat, 19 Nov 2022 02:56:08 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xs5NZ1Omc37UU7k5MAtlXIhFkS%2BSJPCcbJ8EUNaT7mmeCrFgr0k4Z8fJOMVBRkHYSSbvYxDrx9A%2BNM5YzJv9UbemAVUOdZJ6mWNeJzTEosd3uour%2FDF4q2FcJ67erfA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae986ed50b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/madrid.png	172.67.154.182	200 OK	4.6 kB
URL HTTP/2 becak4dw.com/images/madrid.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 90 x 90, 8-bit gray+alpha, non-interlaced\012- data Size 4.6 kB (4594 bytes) Hash 10feb7e5a0947dedb1068eb20d65915b 9de0ac1d6680aa2098e35b2b311b01f0f3efbbf1 d5b9434ab37285933aebdc0a30a00014571b8ff31031523b62879023e8ec647f HTTP Headers `GET /images/madrid.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 4594 last-modified: Sat, 19 Nov 2022 02:56:16 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww9aUZWdLYNw%2FE1hitcRvXfm1fHIxNJ%2FakVSrKV8gh1M8UEmgHzJOthVZpKhqr4B%2FHwW3JQZzGlY3kFBkoGTbnhnCKL6O62GhUPgQOToDSEG5iVZEICeU2m5i%2Fwy%2Btc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae986ed20b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/london.png	172.67.154.182	200 OK	5.9 kB
URL HTTP/2 becak4dw.com/images/london.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 90 x 90, 8-bit gray+alpha, non-interlaced\012- data Size 5.9 kB (5881 bytes) Hash 34af2a64196036b069eddddce1ead2cd 6a40967c36d69b74d903f19a86aab2677e2b5ff7 6f7dbaeb72e5568579e1dd89e85a52955c54fb5843da9b9a429f4573fc419bd8 HTTP Headers `GET /images/london.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 5881 last-modified: Sat, 19 Nov 2022 02:56:00 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDZ7%2FPbgMT%2FM5iMTAZ%2BvTaZQAkLh4O614MeGqjcQasQEi%2Bn2FiKKYvRqCJN9Hqd9dD%2F9E%2BC9Y4S5yV9y9KGF3oXtKVLLnZ64W%2F5%2BYOrOV24ZTT8%2BgENEHFe%2FlPspx58%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae987ee20b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/picrightsport-b.jpg	104.19.136.75	200 OK	12 kB
URL HTTP/2 img.pay4d.info/picrightsport-b.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 12 kB (11588 bytes) Hash b384a638dc5c10281228cd681469b5db bf8625ff8f2a683d21cd384f671ce379b9a7c76d 0dc4e717442c9585c855bc2dcaa9d621be9fee18d541f724f0af33b3e57137ff HTTP Headers `GET /picrightsport-b.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 11588 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=13092 content-disposition: inline; filename="picrightsport-b.webp" last-modified: Fri, 04 Nov 2022 13:42:49 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b74b50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/dubai4d.png	172.67.154.182	200 OK	5.1 kB
URL HTTP/2 becak4dw.com/images/dubai4d.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 90 x 90, 8-bit gray+alpha, non-interlaced\012- data Size 5.1 kB (5139 bytes) Hash db87acd9bf9a2ad179da08309e60e583 c8f79a914d5b4ef6fa2f4d1dc047ad0158512522 ed2c9b7117c2e1950432fa92d68017256092528e0b0bc31ec9a3a7ea71649633 HTTP Headers `GET /images/dubai4d.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 5139 last-modified: Sat, 19 Nov 2022 02:51:11 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VljTx9lRb67jhQgX6Hu882%2B6xnOB7a3QmKaSD%2Bhi1WCRc4VVj6nRZwMwggESoLVhwbkHTeCwGugE6PDnH9a5ib7Rscfa9GfxI4BbcgKH9HiXjW3Sj4SFDg%2Fg%2FbFkuvg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae987ee30b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/slot-prag.png	104.19.136.75	200 OK	1.4 kB
URL HTTP/2 img.pay4d.info/slot-prag.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.4 kB (1416 bytes) Hash 8e7ecdf154298edbc92186de70734ff7 10402bf0a46147d1b1e6e41ded452c24faa6dce6 b13a36e2d82b2cd019af41f40af642d37641573770e11980ecc12e2dce55d713 HTTP Headers `GET /slot-prag.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 1416 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5251 content-disposition: inline; filename="slot-prag.webp" last-modified: Wed, 18 Dec 2019 05:38:15 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b90b50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/ph.png	172.67.154.182	200 OK	6.5 kB
URL HTTP/2 becak4dw.com/images/ph.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data Size 6.5 kB (6503 bytes) Hash d2b0582dc086a60efce8664affa0966f 4e0af8a4c426d8cfbc8346daab335f64316fcca1 faf679276de926c97c0784c99305a260e911decd5778a64d218afc807071e730 HTTP Headers `GET /images/ph.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 6503 last-modified: Sat, 19 Nov 2022 02:56:04 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC5apwGgoXuTgkbWt2b%2BrvQradUjDf7NetCRrfmqLgyEpXU0V%2FXBpBcPDwRmJlfStuqgy1q3FHH%2FzbvkUU34iyzO1QGw8q9qp5nSZc8SC3RLFJgpsSwffT0M%2BMNO5l8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae987ed90b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/buku-mimpi.png	104.19.136.75	200 OK	734 B
URL HTTP/2 img.pay4d.info/buku-mimpi.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 734 B (734 bytes) Hash 47e11b51ac743eaa8cf239317b274ed5 2f8e7efe94b9a2bc33e4a2cfa5d56c767e53f2b6 e102b58cf346532436c7e47dc3e2e29fc53b5b550e0fcd1c4200aadce03bb7e6 HTTP Headers `GET /buku-mimpi.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 734 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=3014 content-disposition: inline; filename="buku-mimpi.webp" last-modified: Sat, 30 Jan 2021 10:28:57 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b84b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/picleft-b.jpg	104.19.136.75	200 OK	12 kB
URL HTTP/2 img.pay4d.info/picleft-b.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 12 kB (11550 bytes) Hash ea02b87d5efe916e0d1fd689245bafa9 d515d56084f09ed372c254188e6fd75a74ae5543 1a84b9a6f066b825d388f044e0012bfe7922a9ca9a4400c2fa33cac082bfc91d HTTP Headers `GET /picleft-b.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 11550 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=40621 content-disposition: inline; filename="picleft-b.webp" last-modified: Tue, 03 Jan 2023 06:53:39 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b70b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/mobile-casino.png	104.19.136.75	200 OK	4.0 kB
URL HTTP/2 img.pay4d.info/mobile-casino.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 4.0 kB (3982 bytes) Hash a4ec13dedac773682a95ad0357c883d9 ac08067b8b14c320590fd8e0d9f46fee95c98064 34d33f63decd18d046d7ce1eaa41df45fd546a36c020d1aa2460c68d4e382a05 HTTP Headers `GET /mobile-casino.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 3982 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=8816 content-disposition: inline; filename="mobile-casino.webp" last-modified: Mon, 01 Feb 2021 07:21:49 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b7cb50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/informasi.png	104.19.136.75	200 OK	496 B
URL HTTP/2 img.pay4d.info/informasi.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 496 B (496 bytes) Hash 55734ca433dd15622f992f24a3750a77 625812100e07a5b85b1dca90d622c0deafa3410d 0b31e72e9209648652af2a9e36541fb4ca4015cdbca7f29ae1993824d379c395 HTTP Headers `GET /informasi.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 496 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=2507 content-disposition: inline; filename="informasi.webp" last-modified: Sat, 30 Jan 2021 10:28:59 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b85b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/icon-promo_w.png	104.19.136.75	200 OK	11 kB
URL HTTP/2 img.pay4d.info/icon-promo_w.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 11 kB (11412 bytes) Hash 816a4fd40d29c5ba31bb4b9f61c3f540 14db71e41b29ad9701790f2dda8f00a5fc3596f7 0ca698ee7649b886c54c83a5e73dd7c86bfaf1185f41647571aaf0879c64cae3 HTTP Headers `GET /icon-promo_w.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 11412 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=27663 content-disposition: inline; filename="icon-promo_w.webp" last-modified: Fri, 13 Nov 2020 07:11:14 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b78b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-spad.png	104.19.136.75	200 OK	1.3 kB
URL HTTP/2 img.pay4d.info/slot-spad.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.3 kB (1258 bytes) Hash d6290e499ede13e741045d26dfbd95bf 73a41f0d753bb0843be9bfb147e1999ced0e30d5 ccdb75fdea9558a8454442831c45017f205cd8729bc2f0399b91e1fb2473cd89 HTTP Headers `GET /slot-spad.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 1258 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4945 content-disposition: inline; filename="slot-spad.webp" last-modified: Wed, 18 Dec 2019 05:38:16 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae992b9ab50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/fish-alien-hunter.png	104.19.136.75	200 OK	2.9 kB
URL HTTP/2 img.pay4d.info/fish-alien-hunter.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.9 kB (2884 bytes) Hash 44ed1c2cb6486482db8d337636bd9494 7d7f1961857c405b2d72078ee512626a79ce2504 165db214f71fc24501cec62e40869ad284f2ef1fddae90933b570a605608b2a3 HTTP Headers `GET /fish-alien-hunter.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 2884 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=9071 content-disposition: inline; filename="fish-alien-hunter.webp" last-modified: Wed, 07 Jul 2021 11:05:14 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae994bc8b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/live-opus.png	104.19.136.75	200 OK	1.3 kB
URL HTTP/2 img.pay4d.info/live-opus.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.3 kB (1330 bytes) Hash ff58f7baf1903414b9e121fa194c01a0 9686d2811e39d923e00d3573d187e84dda29fdba d68d2439ada8dcdb278433a33da32e2659f34ce90cc7c9023180bbd3dd92f54a HTTP Headers `GET /live-opus.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 1330 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4303 content-disposition: inline; filename="live-opus.webp" last-modified: Fri, 26 Aug 2022 10:55:33 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae993bb7b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/sport-sbo.png	104.19.136.75	200 OK	916 B
URL HTTP/2 img.pay4d.info/sport-sbo.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 916 B (916 bytes) Hash cae13d2cc7b31af8015e56b8fea2fc1e 27b5f0536f897c018485311e47acb4b6f28b5eac d3373d5f14a658e23f379b60fbadf2d4439ffd043826cbe4f9efb13e7ac4b591 HTTP Headers `GET /sport-sbo.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 916 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4025 content-disposition: inline; filename="sport-sbo.webp" last-modified: Mon, 19 Dec 2022 07:31:08 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae994bc3b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/sport-saba.png	104.19.136.75	200 OK	1.8 kB
URL HTTP/2 img.pay4d.info/sport-saba.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.8 kB (1770 bytes) Hash 9dc335c8ab6468b47a49e492aa97af52 e8982a717f2557a1242a1dfd4511ceec6b47cd70 277b290785f86422c338396b72410c9dfb7f0672b608e6808f41365b3579f26f HTTP Headers `GET /sport-saba.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 1770 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5247 content-disposition: inline; filename="sport-saba.webp" last-modified: Mon, 19 Dec 2022 07:31:08 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae994bc2b50c-OSL X-Firefox-Spdy: h2`

	fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2	216.58.207.227	200 OK	45 kB
URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data Size 45 kB (45300 bytes) Hash 5fe660c3a23b871807b0e1d3ee973d23 62a9dd423b30b6ee3ab3dd40d573545d579af10a e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d HTTP Headers `GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://becak4dw.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 45300 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 25 Jan 2023 19:35:10 GMT expires: Thu, 25 Jan 2024 19:35:10 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:11:08 GMT content-type: font/woff2 age: 568659 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2	216.58.207.227	200 OK	47 kB
URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data Size 47 kB (47048 bytes) Hash 87a1556b696ae2cb1a726bd8c4584a2f 1be0f6f39e0cf316f9827f945eeeaef8294cc37b 141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1 HTTP Headers `GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://becak4dw.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 47048 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 28 Jan 2023 15:52:50 GMT expires: Sun, 28 Jan 2024 15:52:50 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:55:54 GMT content-type: font/woff2 age: 322799 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img.pay4d.info/picleft.jpg	104.19.136.75	200 OK	22 kB
URL HTTP/2 img.pay4d.info/picleft.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 22 kB (22128 bytes) Hash 2b1bdc85cc48c85f6033c7ddca833b0c df9589d7051fba1a5c2fd15b81b11f72f24caee0 7e599adfbea9fa50b6139eae70f7ee2214c9a0fd14a718f1d07bfd4b955ae63d HTTP Headers `GET /picleft.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/webp content-length: 22128 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=26042 content-disposition: inline; filename="picleft.webp" last-modified: Fri, 04 Nov 2022 13:42:48 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b6db50c-OSL X-Firefox-Spdy: h2`

	fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2	216.58.207.227	200 OK	9.8 kB
URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data Size 9.8 kB (9840 bytes) Hash afda6e429fd299054de28e1f157c683d c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b 81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e HTTP Headers `GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://becak4dw.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9840 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 29 Jan 2023 06:32:23 GMT expires: Mon, 29 Jan 2024 06:32:23 GMT cache-control: public, max-age=31536000 last-modified: Mon, 18 Jul 2022 19:24:04 GMT content-type: font/woff2 age: 270026 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	i.postimg.cc/CLK50hXL/RTP-BECAK4-D-1.gif	162.19.61.80	200 OK	18 MB
URL HTTP/2 i.postimg.cc/CLK50hXL/RTP-BECAK4-D-1.gif IP 162.19.61.80:0 ASN #16276 OVH SAS File type GIF image data, version 89a, 518 x 518\012- data Size 18 MB (17468033 bytes) Hash 8f3f872963a5eb7ffc655d461f3cd0e6 fd352b4c41044304913fc72a415c59b84c6c3af8 b60437031863ad61f1c42909dfbb5bb9ba7025f9469ac220e5606a443f647ed4 HTTP Headers `GET /CLK50hXL/RTP-BECAK4-D-1.gif HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/gif content-length: 17468033 last-modified: Tue, 28 Jun 2022 07:10:49 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	img.pay4d.info/picmid.jpg	104.19.136.75	200 OK	34 kB
URL HTTP/2 img.pay4d.info/picmid.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data Size 34 kB (34044 bytes) Hash 9ff8825bea0abb9177794729b5932760 9424c5ff2b125bc8d319313875c90c5393183b36 18179e3e611fdec3356c387f78b85ff7201fd7ee6166eb5aff06aa851cbe4b82 HTTP Headers `GET /picmid.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/jpeg content-length: 34044 cf-bgj: imgq:85,h2pri cf-polished: degrade=85, origSize=36646, status=webp_bigger last-modified: Fri, 04 Nov 2022 13:42:48 GMT cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:49 GMT cache-control: public, max-age=7200 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7929ae991b6bb50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/bgline2.png	172.67.154.182	200 OK	1.4 kB
URL HTTP/2 becak4dw.com/images/bgline2.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 1228 x 6, 8-bit/color RGB, non-interlaced\012- data Size 1.4 kB (1410 bytes) Hash b15a5b46381bfcee9e7c9c73330af9f8 708d5f3cf7baa742f6219929aa4f8b49a425948b 6c0ebfe966fdd482952530764ea66791b82a92ceae2734bf1552ba64334677a3 HTTP Headers `GET /images/bgline2.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 1410 last-modified: Wed, 08 Sep 2021 05:37:05 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vD5NAFYyiy6MhwkTOGT6EUCf5KdUFJxSYV1ydioZONxSUCrofSavH%2BLH7zsuj6opzWVjpIwyjcUBzqlquw8mHk%2BtSrhk3Symsg8sUU979TrsSqWtu3YOyeyIITcLlks%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae990f760b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/logo.png	172.67.154.182	200 OK	39 kB
URL HTTP/2 becak4dw.com/images/logo.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 400 x 96, 8-bit/color RGBA, non-interlaced\012- data Size 39 kB (39020 bytes) Hash 9bd940882099fc88cd1399add5102776 d8e4510831d9e9c5a7c6baf6f0e02db6e003f758 b76fad2f6f9680986f2f63455760936e8351d4ffd311e9eba2957472e1c9cf81 HTTP Headers `GET /images/logo.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 39020 last-modified: Wed, 08 Sep 2021 05:37:08 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ywuA89VQxw1Bfyux9AtWZ22faqzvAsOsRBLIY%2B2rB7o7h1iDbFOfJ6NloaTHx0ccamReTJPunOvIs%2Blh9c3ir%2Bgt0%2BHzpfvg2qFY8%2FNBjgL4BNWNkTPrEYMDG%2FVuxk%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae985eb10b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/mobile-sport.png	104.19.136.75	200 OK	2.7 kB
URL HTTP/2 img.pay4d.info/mobile-sport.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.7 kB (2730 bytes) Hash 02a8a80face04e69f3bfa68f686f57bb 61f8a41a95694c27a307199407af513dde0dc43e d9cd2cc3ba7a11673f072f321e83694c7da5979c0adda00e26de15d9a1f43797 HTTP Headers `GET /mobile-sport.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 2730 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=6408 content-disposition: inline; filename="mobile-sport.webp" last-modified: Mon, 01 Feb 2021 07:21:49 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b7db50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/bgline.png	172.67.154.182	200 OK	966 B
URL HTTP/2 becak4dw.com/images/bgline.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 576 x 4, 8-bit/color RGB, non-interlaced\012- data Size 966 B (966 bytes) Hash e561ed96b7ed1975fa3ba2ab684fc672 258585bb1dce5ae13c97eb0a76330ab7a5f49851 aa25f91a0487796a5f2ccf489444799d307c73166474212a1bc1f2681ef692fe HTTP Headers `GET /images/bgline.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 966 last-modified: Wed, 08 Sep 2021 05:37:05 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLLpOJV1J%2Fqug4AR6B%2BlaKEPMnpLSCLsn2JYF4FYEmecTjtx5pZDyyR9MoqP6vtdjV%2FHFaCf8kq%2BjlhLfZu%2FCn4Pg9jQP%2FkDH1wJT7IqG3zFkURGsbPvyuODVwY07EQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae990f710b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/slot-pg.png	104.19.136.75	200 OK	1.7 kB
URL HTTP/2 img.pay4d.info/slot-pg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.7 kB (1740 bytes) Hash 86ec152055228538f1a8f8943f179a97 ef30830c693272695c7cf5f2ac12679c75a2db18 a643c08a5d025958c4499731c62c3cc78663aa9c6bd2d567bbff38b4637b339b HTTP Headers `GET /slot-pg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 1740 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5084 content-disposition: inline; filename="slot-pg.webp" last-modified: Tue, 08 Jun 2021 09:18:38 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b91b50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/logoweb.png	172.67.154.182	200 OK	39 kB
URL HTTP/2 becak4dw.com/images/logoweb.png IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type PNG image data, 400 x 96, 8-bit/color RGBA, non-interlaced\012- data Size 39 kB (39020 bytes) Hash 5f012d19aa942f1a6a8162b104f9b801 8305e6258db4518a94a5f0cb364776dfbd82ad64 018bf55bd2021314725df4898672bac9a94fc06efc765fa3c7291d156aa3c106 HTTP Headers `GET /images/logoweb.png HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png content-length: 39020 last-modified: Wed, 08 Sep 2021 05:37:10 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKD8xpxceJJAEcvgVZROuHgYyUxqL3NRkc1gbY97vBrajhntIl8qec7eJg0PQlpnvuvgu5hUI9UPPvufatfD6fyxog0a1qykgUTGEVSxiPDc8OLu0%2FXxICnGgfb9prY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae989f070b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/kontak/line.png	104.19.136.75	200 OK	396 B
URL HTTP/2 img.pay4d.info/kontak/line.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 396 B (396 bytes) Hash 6a2f088ef8dcce50e35c9fa786ea2b8f c7976ba757370e5771e5596f89028b3c116bd85f 5dca4c53e05afdf097de02a1e7f059e83b7c6e9d1468f518c8ae2301427232e6 HTTP Headers `GET /kontak/line.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 396 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=1633 content-disposition: inline; filename="line.webp" last-modified: Mon, 09 Sep 2019 19:19:48 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b8cb50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/upload-Slides-20220523062505.jpg	172.67.154.182	200 OK	168 kB
URL HTTP/2 becak4dw.com/images/upload-Slides-20220523062505.jpg IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 1900x380, components 3\012- data Size 168 kB (168014 bytes) Hash 3b89deba74f462625c1cde3bee622421 fed7535e1c5d19273f634e43577944109d5fb737 ad0a9be5518856647e07e4b99c551b65c210f0266009ccc403125a784c6a6721 HTTP Headers `GET /images/upload-Slides-20220523062505.jpg HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/jpeg content-length: 168014 last-modified: Sun, 22 May 2022 23:25:05 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYWKl4YtNrUKlAAQzH%2Fj%2FUZVIqzPWr080PxgeRU8v%2B2aKH0a2H0UFumUqJ7e%2BrDh9saxSq4moVPGH4WUreqYbZEBQiCcQ6BrxloAyJwN7%2BAvw0f9qzlQkbkyksgW%2Fm4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae98ef4c0b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/footern.png	104.19.136.75	200 OK	10 kB
URL HTTP/2 img.pay4d.info/footern.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 10 kB (10240 bytes) Hash c874f595389f01e778067dff5bc5d1f0 c5f3cb0b0a03bb0cc41cea7d1bc24b630eaab4bf 84097f8df21211e36d200017ce5dbb571569bbd5d21d7dfb1067d0b75567b17f HTTP Headers `GET /footern.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 10240 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=11983 content-disposition: inline; filename="footern.webp" last-modified: Fri, 04 Nov 2022 13:47:10 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b88b50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/upload-Slides-20210909130043.jpg	172.67.154.182	200 OK	260 kB
URL HTTP/2 becak4dw.com/images/upload-Slides-20210909130043.jpg IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x380, components 3\012- data Size 260 kB (259621 bytes) Hash d7dcdbe318a147fc1ed844d3f3e7cb05 c02b7ba593e539ba52b62aabc41043fda3c6a36d d6c82b3f7330ff827262788127eb880058bab487eb089b13e25fc9d9397d83dc HTTP Headers `GET /images/upload-Slides-20210909130043.jpg HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/jpeg content-length: 259621 last-modified: Thu, 09 Sep 2021 06:00:43 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbLWhAmOyab%2FIRAgCIaDBviZT6Vo3eX2vBdDqOZo%2B9zRYVy4xLW1cgOdZ%2FVQigIdxoflLFyfwjGD54z6g9Ry%2BtosIqMkBteyOmqDl82HvLqeSypFlxLSTBe%2F1qoqYZI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae98ef430b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/upload-Slides-20210909130110.jpg	172.67.154.182	200 OK	287 kB
URL HTTP/2 becak4dw.com/images/upload-Slides-20210909130110.jpg IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x380, components 3\012- data Size 287 kB (286728 bytes) Hash 4e3c5ee20b07f4a3cf56157ba70bb426 bad86b0759b2ac931cdad052de55faafafed5746 3c306c06c6f456e75678a3bc66cc0fe38e33ab1f1b911365ad3c21516377924a HTTP Headers `GET /images/upload-Slides-20210909130110.jpg HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/jpeg content-length: 286728 last-modified: Thu, 09 Sep 2021 06:01:10 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sECp0yXB52OGkZ5RI7E8qDj8zqxfX8JDu0TZhBoHTPDCcrzx%2B9C71uXfDWRMhPXuBqCODsLD6FNuorF%2Bongi%2FoXB4p94h7FwyXQ%2BxpBTkudUfuhb%2FCy5gzdafFzjnvM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae98ef440b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/images/upload-Slides-20210908132642.jpg	172.67.154.182	200 OK	310 kB
URL HTTP/2 becak4dw.com/images/upload-Slides-20210908132642.jpg IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x380, components 3\012- data Size 310 kB (309760 bytes) Hash b2450b8ab8d079a47670f4594facf002 e8c039bddc9bd94b262ff4e6414a271c11bd3904 c2f942b75390ac5da42d83649a3d00de7aaadebe9dd48ea4e4e0985c1304c75e HTTP Headers `GET /images/upload-Slides-20210908132642.jpg HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/jpeg content-length: 309760 last-modified: Wed, 08 Sep 2021 06:26:42 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkWizE6qyHLRHSnWe7H6OgQmp09TvOrelz2GNFGwbodx1E5HbeJQ%2BRH6r%2BzotXdUMuX%2BMkrzx%2B%2BSS6S6BThjGngTIhzaEkUJEgLY7FQr11q%2BeTlu8DuzaKcU8b6OcMA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae98ef420b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/fish-zombie.png	104.19.136.75	200 OK	2.8 kB
URL HTTP/2 img.pay4d.info/fish-zombie.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.8 kB (2760 bytes) Hash 88304eeaf81e9ebd296a0d0e2ddb7be2 32c2c254dfa81406883e0507339c538a4af5ce3b fab65eee93acd119c34e221f22ca4029d06a9fa9a5d93b56be894e4247ff7d81 HTTP Headers `GET /fish-zombie.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 2760 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=9384 content-disposition: inline; filename="fish-zombie.webp" last-modified: Thu, 05 Aug 2021 09:13:00 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae994bc9b50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/upload-Promo-20210911214733.jpg	172.67.154.182	200 OK	287 kB
URL HTTP/2 becak4dw.com/images/upload-Promo-20210911214733.jpg IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x380, components 3\012- data Size 287 kB (286728 bytes) Hash 4e3c5ee20b07f4a3cf56157ba70bb426 bad86b0759b2ac931cdad052de55faafafed5746 3c306c06c6f456e75678a3bc66cc0fe38e33ab1f1b911365ad3c21516377924a HTTP Headers `GET /images/upload-Promo-20210911214733.jpg HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/jpeg content-length: 286728 last-modified: Sat, 11 Sep 2021 14:47:33 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbZ0CjBV5yM5pYVPL5ZDgwzVxs1c%2Fid4VGH7r45q1KNDnjjhHJkc5w3xz3hapLaQAH6jPLk9TGr3KIcfMYIGw6x40Xah%2B%2FB2lh9WGW3ArKilgUKxYusOHR5XwY7H9gA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae986ecf0b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/kontak/wa.png	104.19.136.75	200 OK	378 B
URL HTTP/2 img.pay4d.info/kontak/wa.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 378 B (378 bytes) Hash 18d9883e1a072905361ca73d34a57734 c9dcf63a7866cd530f7615bd220e7ce4e81aad0d a06f5509e0ed17a2901ee5d71717a549f53e66dbec7607e3944cb418c60688c5 HTTP Headers `GET /kontak/wa.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 378 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=1628 content-disposition: inline; filename="wa.webp" last-modified: Mon, 09 Sep 2019 19:19:48 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b8bb50c-OSL X-Firefox-Spdy: h2`

	becak4dw.com/images/upload-Promo-20210911214201.jpg	172.67.154.182	200 OK	260 kB
URL HTTP/2 becak4dw.com/images/upload-Promo-20210911214201.jpg IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x380, components 3\012- data Size 260 kB (259621 bytes) Hash d7dcdbe318a147fc1ed844d3f3e7cb05 c02b7ba593e539ba52b62aabc41043fda3c6a36d d6c82b3f7330ff827262788127eb880058bab487eb089b13e25fc9d9397d83dc HTTP Headers `GET /images/upload-Promo-20210911214201.jpg HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/jpeg content-length: 259621 last-modified: Sat, 11 Sep 2021 14:42:01 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr8QbtrcM6Wqf9QHvPo333CHb%2BkQ37T04iXdnKsusc37eu6Tyv4F7b0gjKXvxx1NN5BSfMxkEtd0dNLvv%2BGlhuY%2BrXl%2FqmQWgaCYC2VJicAm%2FPOVl0MYq%2BOF2NAPF1s%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae986ece0b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img.pay4d.info/live-all.png	104.19.136.75	200 OK	2.5 kB
URL HTTP/2 img.pay4d.info/live-all.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.5 kB (2548 bytes) Hash 80ab66e968b68828f745dbd67b94dfc8 18d70a225ba9f5c51d79d286178312966d339f76 bf207416b528a9c36145e5943266d17c909af991f3512d62636b85eb8232ab5f HTTP Headers `GET /live-all.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 2548 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=9511 content-disposition: inline; filename="live-all.webp" last-modified: Mon, 07 Sep 2020 10:34:19 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae994bc0b50c-OSL X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4873 Expires: Wed, 01 Feb 2023 10:54:04 GMT Date: Wed, 01 Feb 2023 09:32:51 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4873 Expires: Wed, 01 Feb 2023 10:54:04 GMT Date: Wed, 01 Feb 2023 09:32:51 GMT Connection: keep-alive`

	img.pay4d.info/live-pp.png	104.19.136.75	200 OK	1.4 kB
URL HTTP/2 img.pay4d.info/live-pp.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.4 kB (1418 bytes) Hash 1f1aa38c5a91ca20b6bfdee9245eebc2 5f00a7a39257fc368e3fcaaf0b923f6a9fd49bcf 57d9d0b26be6a4ea6d8894ff8dab03ea2c4400155146d5380281f4a589966e65 HTTP Headers `GET /live-pp.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 1418 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=7765 content-disposition: inline; filename="live-pp.webp" last-modified: Fri, 26 Jun 2020 07:51:40 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae993bafb50c-OSL X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4872 Expires: Wed, 01 Feb 2023 10:54:04 GMT Date: Wed, 01 Feb 2023 09:32:52 GMT Connection: keep-alive`

	img.pay4d.info/mobile-tembakikan.png	104.19.136.75	200 OK	2.1 kB
URL HTTP/2 img.pay4d.info/mobile-tembakikan.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.1 kB (2106 bytes) Hash bfdeefb05e569edf1028afb65895653c 97478d745112e48f9400eaeab7e84c41c60ceec2 02f0b6b2e6ee24f5bf2774b69109e9f1f0c5d1deafda081ed4c48d62b90ab9dd HTTP Headers `GET /mobile-tembakikan.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 2106 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5201 content-disposition: inline; filename="mobile-tembakikan.webp" last-modified: Mon, 01 Feb 2021 07:21:49 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b83b50c-OSL X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4872 Expires: Wed, 01 Feb 2023 10:54:04 GMT Date: Wed, 01 Feb 2023 09:32:52 GMT Connection: keep-alive`

	img.pay4d.info/icon-kontak_w.png	104.19.136.75	200 OK	9.0 kB
URL HTTP/2 img.pay4d.info/icon-kontak_w.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 9.0 kB (9008 bytes) Hash 9076cf659b9af3835b5a25a73a16551f 601f969eb09c00fe344b2b53cacd87573e32d700 72b4cf3cea98074a04121c1249ba5ffd4fe76482863cb6b3de9ecf68914770c2 HTTP Headers `GET /icon-kontak_w.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 9008 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=20605 content-disposition: inline; filename="icon-kontak_w.webp" last-modified: Fri, 13 Nov 2020 07:38:15 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b7bb50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-jok.png	104.19.136.75	200 OK	2.0 kB
URL HTTP/2 img.pay4d.info/slot-jok.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.0 kB (2000 bytes) Hash c3d6ce73337d8098402370b95ce184d6 f82824809e6fc6b5bc0696c7dce5942ab17abac5 21cd86f323c17093d4d78ba1e98352a00c8459cb70d1135006cf1de90b0388b3 HTTP Headers `GET /slot-jok.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 2000 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=7983 content-disposition: inline; filename="slot-jok.webp" last-modified: Wed, 18 Dec 2019 05:38:14 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae993ba7b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-cq9.png	104.19.136.75	200 OK	1.2 kB
URL HTTP/2 img.pay4d.info/slot-cq9.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.2 kB (1182 bytes) Hash c1a383f5c29c2a1abb0146f00f976edd d044fc1b18c28a0129ef1ffbeba52166614d057e cef9e6fabf6bc11ddbe76f0abec0e0f7106ba78a0b5499c3c640d82c8a7d6701 HTTP Headers `GET /slot-cq9.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 1182 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4157 content-disposition: inline; filename="slot-cq9.webp" last-modified: Wed, 10 Nov 2021 17:01:06 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b93b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-mg.png	104.19.136.75	200 OK	1.1 kB
URL HTTP/2 img.pay4d.info/slot-mg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.1 kB (1092 bytes) Hash ab217824849c8bc2f05240458ef55574 06b015108c8fc22469d8e5a4c371e6d05c04b624 326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72 HTTP Headers `GET /slot-mg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 1092 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4064 content-disposition: inline; filename="slot-mg.webp" last-modified: Tue, 15 Mar 2022 06:24:42 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae992ba4b50c-OSL X-Firefox-Spdy: h2`

	region1.google-analytics.com/g/collect?v=2&tid=G-9FL1213YT1&gtm=2oe1u0&_p=812214959&cid=50428987.1675243990&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675243990&sct=1&seg=0&dl=https%3A%2F%2Fbecak4dw.com%2F&dt=BECAK4D%20%3A%20Daftar%20Situs%20Game%20Slot%20Online%20%26%20Casino%20Online%20Indonesia&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1	216.239.32.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-9FL1213YT1&gtm=2oe1u0&_p=812214959&cid=50428987.1675243990&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675243990&sct=1&seg=0&dl=https%3A%2F%2Fbecak4dw.com%2F&dt=BECAK4D%20%3A%20Daftar%20Situs%20Game%20Slot%20Online%20%26%20Casino%20Online%20Indonesia&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.32.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-9FL1213YT1&gtm=2oe1u0&_p=812214959&cid=50428987.1675243990&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675243990&sct=1&seg=0&dl=https%3A%2F%2Fbecak4dw.com%2F&dt=BECAK4D%20%3A%20Daftar%20Situs%20Game%20Slot%20Online%20%26%20Casino%20Online%20Indonesia&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://becak4dw.com Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://becak4dw.com date: Wed, 01 Feb 2023 09:32:52 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	img.pay4d.info/slot-hab.png	104.19.136.75	200 OK	1.9 kB
URL HTTP/2 img.pay4d.info/slot-hab.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.9 kB (1888 bytes) Hash 158c1eeabbd166126f46035ec5e6d457 83fa7159d10da9989fc9853ee6f96ab57b065e83 11bd40a973e0e088856ced2e923bb0badeb4291c9ea0d11386d9a469817eeda0 HTTP Headers `GET /slot-hab.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 1888 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5768 content-disposition: inline; filename="slot-hab.webp" last-modified: Wed, 18 Dec 2019 05:38:14 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b92b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/mobile-togel.png	104.19.136.75	200 OK	2.8 kB
URL HTTP/2 img.pay4d.info/mobile-togel.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.8 kB (2816 bytes) Hash 24ee8246bf5b00f82e391b3de2c9530d 44b86adefeab3260148aadfa367cf35c602b6761 04ea1ba435c65231d96bea3e735c0bc193beb05f7e921a354ef593dbfd7528fb HTTP Headers `GET /mobile-togel.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 2816 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=6237 content-disposition: inline; filename="mobile-togel.webp" last-modified: Mon, 01 Feb 2021 07:21:49 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b82b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/slot-ttg.png	104.19.136.75	200 OK	356 B
URL HTTP/2 img.pay4d.info/slot-ttg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 356 B (356 bytes) Hash 3ce52bfdf47ac5aeec429c7d844f8309 20ecca3cdae26598825aca9d3180721585936d76 574449c76cb20fb822d17cec93a25ed069371c78d8f6e9efb0daa4924a411a56 HTTP Headers `GET /slot-ttg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 356 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=2467 content-disposition: inline; filename="slot-ttg.webp" last-modified: Sat, 14 Mar 2020 09:33:42 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae993ba8b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/mobile-slot.png	104.19.136.75	200 OK	3.0 kB
URL HTTP/2 img.pay4d.info/mobile-slot.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 3.0 kB (3002 bytes) Hash bd496c55acc5fdb1ebe53c18e7b78a2e 256827a0c6474898129d22b1cfa7fadc88d96b70 414beef5dd52d21ddb304d58eedf9a6503a42523de9f54922c76f567343cdfc3 HTTP Headers `GET /mobile-slot.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 3002 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=6674 content-disposition: inline; filename="mobile-slot.webp" last-modified: Mon, 01 Feb 2021 07:21:49 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b7fb50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/live-mg.png	104.19.136.75	200 OK	1.1 kB
URL HTTP/2 img.pay4d.info/live-mg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.1 kB (1092 bytes) Hash ab217824849c8bc2f05240458ef55574 06b015108c8fc22469d8e5a4c371e6d05c04b624 326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72 HTTP Headers `GET /live-mg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 1092 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4064 content-disposition: inline; filename="live-mg.webp" last-modified: Tue, 15 Mar 2022 06:24:43 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae993bb5b50c-OSL X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8735 bytes) Hash 23db22ce2120fbb0ae6109e1a046062d 2068c8d9a5bc30a17be658e198e26c64a80703cf f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8735 x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: foJaWFP_IAMF9wA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 21:42:19 GMT age: 42633 etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img.pay4d.info/live-ion.png	104.19.136.75	200 OK	2.4 kB
URL HTTP/2 img.pay4d.info/live-ion.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.4 kB (2434 bytes) Hash 1a48e4a72414e5587b22eb4ac4ae959b a3ac92a04917abab71a98503dcfff52be3af7cdb e48ccb777ed57ca1eee701da53a8fa2d85b64639d0b8210e3160678e1753b144 HTTP Headers `GET /live-ion.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 2434 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=6674 content-disposition: inline; filename="live-ion.webp" last-modified: Fri, 26 Jun 2020 07:51:41 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae993bb1b50c-OSL X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg	34.120.237.76	200 OK	5.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.7 kB (5736 bytes) Hash 2998f7f50ac0eec931c348e8a0fb0c60 f5e411cda74cb7fb4a662f4787e9543b9749c8b5 0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5736 x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffEtEGk_oAMFYPA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 10:37:05 GMT age: 82547 etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img.pay4d.info/live-sg.png	104.19.136.75	200 OK	2.8 kB
URL HTTP/2 img.pay4d.info/live-sg.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.8 kB (2814 bytes) Hash 5fde10bbbfdf170112f4bc9859955ed5 e73a68c4221288b52a848a67801f9bcd387ba2ea 60bb4f59c40e9ef9f1d2be56a2a7324a8750e339de1efb9b96840314b8581628 HTTP Headers `GET /live-sg.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 2814 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=11259 content-disposition: inline; filename="live-sg.webp" last-modified: Thu, 10 Dec 2020 08:44:39 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae994bc1b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/picrightsport.jpg	104.19.136.75	200 OK	20 kB
URL HTTP/2 img.pay4d.info/picrightsport.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 20 kB (20504 bytes) Hash d1f34718eb29953cdea660adc61f1ecd 4856b1c3779c7dcf70c23b5efd1dc29d70698efa 5a8d9b477da241d730a8f786ed294e4b5e5c868363130072dec8164399c5e743 HTTP Headers `GET /picrightsport.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 20504 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=46462 content-disposition: inline; filename="picrightsport.webp" last-modified: Mon, 19 Dec 2022 07:27:45 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b6fb50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/picright.jpg	104.19.136.75	200 OK	23 kB
URL HTTP/2 img.pay4d.info/picright.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data Size 23 kB (23329 bytes) Hash 4d21cb6ce4fcf78445d50ec994697f8b df4d5433b0acbf6ee3a0db62663f071b2fb01275 b267ac51d20c09b4e5bb4f90f30fac9fb72c024f4448eff75cbccdba316da2e6 HTTP Headers `GET /picright.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/jpeg content-length: 23329 cf-bgj: imgq:85,h2pri cf-polished: degrade=85, origSize=26379, status=webp_bigger last-modified: Fri, 04 Nov 2022 13:42:48 GMT cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 7929ae991b76b50c-OSL X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg	34.120.237.76	200 OK	9.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.6 kB (9600 bytes) Hash 3366ef4f8733cb9c89a5c88f63a0a441 7da46843b6d885f38a4759a08e6c899906ab7b97 7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9600 x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVsWcFN7IAMF2pg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 02:29:58 GMT age: 25374 etag: "7da46843b6d885f38a4759a08e6c899906ab7b97" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img.pay4d.info/picmid-b.jpg	104.19.136.75	200 OK	14 kB
URL HTTP/2 img.pay4d.info/picmid-b.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 14 kB (14152 bytes) Hash 3c37b7fb71f105f8b8672c66677a0b85 9a507c9d9c2909c55c080df7e4a63ff82c8b357c 51b7b166d8e3ae02de88cb7af8209160e491478c8d00c93900f85e6e7886f716 HTTP Headers `GET /picmid-b.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 14152 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=15488 content-disposition: inline; filename="picmid-b.webp" last-modified: Tue, 31 Jan 2023 09:08:53 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b72b50c-OSL X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a7557cc-bf07-438f-8710-ba1b44e30270.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a7557cc-bf07-438f-8710-ba1b44e30270.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5583 bytes) Hash fec00239dceb510f051645ae93dac5f2 6524837e65b070341f9c8f4589492876ae293f17 d00272557742c57d084ab7e46b9b1722b28b869ae9c63e2169e7124e5107c009 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a7557cc-bf07-438f-8710-ba1b44e30270.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5583 x-amzn-requestid: f37b4455-c9fb-46e4-a287-f40c1138a77a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fflQWGqCIAMFvjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d61c02-01d34b0d3a9a0101555081f5;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 07:10:58 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: B6h-UbN1ZGshwcCuhhT82vu8ApQHq2E-5IybV31s1Enq2jXM_dd42A== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 06:33:50 GMT age: 10742 etag: "6524837e65b070341f9c8f4589492876ae293f17" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img.pay4d.info/pop/mobile-opus.jpg	104.19.136.75	200 OK	39 kB
URL HTTP/2 img.pay4d.info/pop/mobile-opus.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 39 kB (38952 bytes) Hash e0f0398b008b54161488a24184c7b455 a1c0f710df421e3b87ca8497185b870c82e8b7fe b21cc98d601689089a2035d0b77f6c449699a5fe1cffb7b96b51e4873dcdcb60 HTTP Headers `GET /pop/mobile-opus.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 38952 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=188136 content-disposition: inline; filename="mobile-opus.webp" last-modified: Wed, 01 Feb 2023 06:21:54 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b69b50c-OSL X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg	34.120.237.76	200 OK	4.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.6 kB (4588 bytes) Hash 23fba3309226071f6f44081c3a92bc0b 21119ea71d26ab157ec491f9cf68918d63310fb4 b29c1f3f6966e08bd3954275c8d2a3ae44a352b41e5d3f04203b55f65708fafc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4588 x-amzn-requestid: 1d726cce-35c6-42d7-a592-8f22f1bd310a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmJr4GXvoAMFXvA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8bcb2-71af755c24ba2e9a39f17451;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:06 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: DzgQlPECoiRf-pZjVVk-EsjIl0kVj0b-BfiWBgUEFamma1pYDUMP6A== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 14:29:26 GMT age: 68606 etag: "21119ea71d26ab157ec491f9cf68918d63310fb4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img.pay4d.info/fish-fishing-god.png	104.19.136.75	200 OK	4.1 kB
URL HTTP/2 img.pay4d.info/fish-fishing-god.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 4.1 kB (4084 bytes) Hash a0948f83578f51b07453a73d2e7feb0e 0e3f824762ed0f79c93200f05b8b631535e62d50 294f599a73342736676eb2d36724e27f9ace65053d1eec0d5267318608dcb49d HTTP Headers `GET /fish-fishing-god.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 4084 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=8579 content-disposition: inline; filename="fish-fishing-god.webp" last-modified: Tue, 30 Mar 2021 09:18:46 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae994bc5b50c-OSL X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg	34.120.237.76	200 OK	16 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 16 kB (15857 bytes) Hash 4bb3a6fba496d54cdbbccaf2b9600386 8e30002699e9fbf2047f9ac11a36d2175fc9c591 927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 15857 x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmJ2JGGWoAMFSLA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 07:27:41 GMT age: 7511 etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img.pay4d.info/logo_providernewn_w.png	104.19.136.75	200 OK	22 kB
URL HTTP/2 img.pay4d.info/logo_providernewn_w.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 22 kB (22350 bytes) Hash 2b9ef6421b1bb4ad82fd02d9e5b5b0e4 c33103e748ba45f1f6b4ba4dee2c4a8c9f674ba4 f74279c38ac20d40eefcb8376d87fb6aa64f00ed6f7cb48a3ab204c063016764 HTTP Headers `GET /logo_providernewn_w.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 22350 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=65781 content-disposition: inline; filename="logo_providernewn_w.webp" last-modified: Tue, 03 Jan 2023 06:53:37 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b87b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/fish-fishing-war.png	104.19.136.75	200 OK	4.2 kB
URL HTTP/2 img.pay4d.info/fish-fishing-war.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 4.2 kB (4158 bytes) Hash 5de4388ad28949bab321d81e8afd639b 320c986e3c630e937333639364dcf80ef7dc19a2 54d4dfa543f1b8e4c544ce229b644b2671722eca476c6b8cb9df759e2375561f HTTP Headers `GET /fish-fishing-war.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 4158 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=10616 content-disposition: inline; filename="fish-fishing-war.webp" last-modified: Tue, 30 Mar 2021 09:18:46 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae994bc7b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/picright-b.jpg	104.19.136.75	200 OK	21 kB
URL HTTP/2 img.pay4d.info/picright-b.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 21 kB (20622 bytes) Hash 11b3651cddd57d137ad1f9f632ca7360 7ac7d221ec9c1865dc06138b53fe870e6bccdb97 43c4b555f21c351bdd7b5953b63d93078c02def41fe3b333c85822aaca5bf5ef HTTP Headers `GET /picright-b.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 20622 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=24384 content-disposition: inline; filename="picright-b.webp" last-modified: Fri, 04 Nov 2022 13:42:49 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b77b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/live-evo.png	104.19.136.75	200 OK	1.2 kB
URL HTTP/2 img.pay4d.info/live-evo.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 1.2 kB (1224 bytes) Hash a27aeaaf4f87ea70e9d8f179dab9c1d6 acd3b82f10cf00f0487ca7fe1e22ad662d4638fd 9d16857bece7fbf86f719af897f7a7036dd151d2fa4d31e2ae08f863e0dfe179 HTTP Headers `GET /live-evo.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 1224 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4930 content-disposition: inline; filename="live-evo.webp" last-modified: Sat, 24 Dec 2022 07:19:19 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae993bb0b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/banner/slide-pp-nv.jpg	104.19.136.75	200 OK	169 kB
URL HTTP/2 img.pay4d.info/banner/slide-pp-nv.jpg IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 169 kB (168610 bytes) Hash d3d185a742b8f2650c153207608c6be7 5bc15557fcdb266c2cc9c7ea8f38def91508b9d2 e30c665d50bf89e24bc57096a97cffa3d4fd7b8e2cef770c482558979ecbf352 HTTP Headers `GET /banner/slide-pp-nv.jpg HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: image/webp content-length: 168610 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=268483 content-disposition: inline; filename="slide-pp-nv.webp" last-modified: Thu, 12 Jan 2023 07:32:42 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:50 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929ae991b8db50c-OSL X-Firefox-Spdy: h2`

	cdn.livechatinc.com/tracking.js	23.36.79.17	200 OK	26 kB
URL HTTP/2 cdn.livechatinc.com/tracking.js IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type data Size 26 kB (26103 bytes) Hash ad168b14a5b7efd5137559bade93ad14 7ba3e2c551fdf2879a757fbfcf5f42590269d010 3a4a1053c09137d9d25d118699d7389e019da7a9597b95a7504311b87111909c HTTP Headers `GET /tracking.js HTTP/1.1 Host: cdn.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK last-modified: Wed, 25 Jan 2023 08:47:12 GMT x-amz-version-id: iNzmqDcn1iRKaLiTk37THrDgz9osPO8C server: AmazonS3 content-encoding: br etag: W/"29e075294399875f6fd4bdaa0f4a20e4" vary: Accept-Encoding x-amz-cf-pop: AMS54-C1 x-amz-cf-id: qzl-0Ag5XGkDv_kWLbnI4JJvQy7icD_Dvire8pnIpy79iQNET2NH5w== content-length: 26103 cache-control: max-age=28800 expires: Wed, 01 Feb 2023 17:32:52 GMT date: Wed, 01 Feb 2023 09:32:52 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * X-Firefox-Spdy: h2

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13133205&url=https%3A%2F%2Fbecak4dw.com%2F&channel_type=code&jsonp=__p9teo2tki2	23.36.79.17	200 OK	264 B
URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13133205&url=https%3A%2F%2Fbecak4dw.com%2F&channel_type=code&jsonp=__p9teo2tki2 IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type ASCII text, with no line terminators Size 264 B (264 bytes) Hash 813d999f13d28a08a13002f780fa3195 7689eba745da2600552ee4f2ac7d5ce98cd7497d 60b1e6103730bdaca3d1be693780e4a0d4fcff99adc5570ff4d2249922b963ed HTTP Headers `GET /v3.3/customer/action/get_dynamic_configuration?license_id=13133205&url=https%3A%2F%2Fbecak4dw.com%2F&channel_type=code&jsonp=__p9teo2tki2 HTTP/1.1 Host: api.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-security-policy: frame-ancestors https://becak4dw.com/; content-type: application/javascript; charset=UTF-8 legacy: 2023-06-30 vary: Accept-Encoding x-frame-options: allow-from https://becak4dw.com/ content-length: 264 date: Wed, 01 Feb 2023 09:32:52 GMT X-Firefox-Spdy: h2`

	img.pay4d.info/dlandroid.png	104.19.136.75	200 OK	2.5 kB
URL HTTP/2 img.pay4d.info/dlandroid.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 2.5 kB (2520 bytes) Hash a74bb516386bf584bbcb42de349db17c 8bb9f72b4f8d077bbe7319cb341bd9ef7ea8136a 5ddce943f364942ee30b1398175472ab116b19119a3fa7eb2815944162ccfb51 HTTP Headers `GET /dlandroid.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:52 GMT content-type: image/webp content-length: 2520 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=5781 content-disposition: inline; filename="dlandroid.webp" last-modified: Wed, 11 Sep 2019 07:36:31 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:52 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929aead38d2b50c-OSL X-Firefox-Spdy: h2`

	img.pay4d.info/android.png	104.19.136.75	200 OK	1.2 kB
URL HTTP/2 img.pay4d.info/android.png IP 104.19.136.75:0 ASN #13335 CLOUDFLARENET File type data Size 1.2 kB (1208 bytes) Hash 6d9fc9dc827bde46bfa5137c0fdb32b9 cdbf09372c375e3c7a9d5221cee27d2af5ac10e1 c08c608e1596876a3e96e5f6e2f60106e518cb0207ec998a6695512729445e66 HTTP Headers `GET /android.png HTTP/1.1 Host: img.pay4d.info User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:52 GMT content-type: image/webp content-length: 1096 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=3351 content-disposition: inline; filename="android.webp" last-modified: Sat, 30 Jan 2021 10:29:07 GMT vary: Accept cf-cache-status: HIT expires: Wed, 01 Feb 2023 11:32:52 GMT cache-control: public, max-age=7200 accept-ranges: bytes server: cloudflare cf-ray: 7929aead48e1b50c-OSL X-Firefox-Spdy: h2`

	api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13133205&version=541.1.1.2204.418.45.7.1.1.1.1.4.1&group_id=0&jsonp=__lc_static_config	23.36.79.17	200 OK	1.6 kB
URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13133205&version=541.1.1.2204.418.45.7.1.1.1.1.4.1&group_id=0&jsonp=__lc_static_config IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type Unicode text, UTF-8 text, with very long lines (4101), with no line terminators Size 1.6 kB (1573 bytes) Hash 22f0ac0288f842eabc2e01d307d2626c 1ac64e25c49fa290a126e3aaf73cbc544176d021 4cc9c3966719976cf001e809cbcb107de0e33e12c6c73c1412496d2a2e6a5c81 HTTP Headers `GET /v3.3/customer/action/get_configuration?license_id=13133205&version=541.1.1.2204.418.45.7.1.1.1.1.4.1&group_id=0&jsonp=__lc_static_config HTTP/1.1 Host: api.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip content-type: application/javascript; charset=UTF-8 legacy: 2023-06-30 vary: Accept-Encoding content-length: 1573 cache-control: public, max-age=600 expires: Wed, 01 Feb 2023 09:42:53 GMT date: Wed, 01 Feb 2023 09:32:53 GMT X-Firefox-Spdy: h2`

	api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13133205&version=13159fb2ee05429e3ae48a4031b3d0e0_8f42e4e7f4ebfdaeb82e75ce4995d59d&language=id&group_id=0&jsonp=__lc_localization	23.36.79.17	200 OK	4.3 kB
URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13133205&version=13159fb2ee05429e3ae48a4031b3d0e0_8f42e4e7f4ebfdaeb82e75ce4995d59d&language=id&group_id=0&jsonp=__lc_localization IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type Unicode text, UTF-8 text, with very long lines (11687), with no line terminators Size 4.3 kB (4262 bytes) Hash 5e636b386cce6f47921fd099d6de02c7 831407d111ee76630d2737fe6117e712a6e46826 fba58fb9c69a268c2a2aae6d056b447dee6769e25e70eb1130a5bc5a2a963b64 HTTP Headers GET /v3.3/customer/action/get_localization?license_id=13133205&version=13159fb2ee05429e3ae48a4031b3d0e0_8f42e4e7f4ebfdaeb82e75ce4995d59d&language=id&group_id=0&jsonp=__lc_localization HTTP/1.1 Host: api.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK content-encoding: gzip content-type: application/javascript; charset=UTF-8 legacy: 2023-06-30 vary: Accept-Encoding cache-control: public, max-age=600 expires: Wed, 01 Feb 2023 09:42:53 GMT date: Wed, 01 Feb 2023 09:32:53 GMT content-length: 4262 X-Firefox-Spdy: h2`

	secure.livechatinc.com/customer/action/open_chat?license_id=13133205&group=0&embedded=1&widget_version=3&unique_groups=0	23.36.79.17	200 OK	2.6 kB
URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=13133205&group=0&embedded=1&widget_version=3&unique_groups=0 IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators Size 2.6 kB (2557 bytes) Hash e73532c0c660a631b8b058705ce26d21 ac886227ce8d418692c8496201f8bc76709b1a63 0ee4d5761027247228422c7b57c6727e95d065c52b4f68501694f1a41754ac03 HTTP Headers GET /customer/action/open_chat?license_id=13133205&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1 Host: secure.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK content-encoding: gzip content-type: text/html; charset=utf-8 vary: Accept-Encoding date: Wed, 01 Feb 2023 09:32:53 GMT content-length: 2557 X-Firefox-Spdy: h2`

	cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js	23.36.79.17	200 OK	15 kB
URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type ASCII text, with very long lines (47599), with no line terminators Size 15 kB (14999 bytes) Hash aa354a30c2b34b7c6ca4afb13c39442c 4e033c71e891ad3d60d7437c6e674c601260c66d f4ffa5e37b87bda31ba0d2c7b64fe9939011588c3233c527799262be7169cf95 HTTP Headers `GET /widget/static/js/0.d619df13.chunk.js HTTP/1.1 Host: cdn.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://secure.livechatinc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK last-modified: Wed, 11 Jan 2023 08:35:01 GMT x-amz-version-id: fr6Gz9d8KXQbrJuaQVT4sDUpSqjnuR9Q server: AmazonS3 content-encoding: br etag: W/"10a3d7ac1ed37325d3341c379ee0de69" vary: Accept-Encoding x-amz-cf-pop: ARN56-P2 x-amz-cf-id: DcjWrJ5J0UZqsGb4T2ZIU7t__E1ADvqdBmzVXTCZLmhoDUvGkFZlRA== content-length: 14999 cache-control: max-age=31536000 expires: Thu, 01 Feb 2024 09:32:53 GMT date: Wed, 01 Feb 2023 09:32:53 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * X-Firefox-Spdy: h2

	cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js	23.36.79.17	200 OK	66 kB
URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type ASCII text, with very long lines (65462) Size 66 kB (66393 bytes) Hash 837574e727c7477fb1aafaae2ee0f000 4302eeddb91b30897a9f1192197f2bca4f8c8673 1379e2d7c0609f498b00423d0e61eff1f32fca81763b7b5a24120d55a5abfc66 HTTP Headers `GET /widget/static/js/1.242d30c5.chunk.js HTTP/1.1 Host: cdn.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://secure.livechatinc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK last-modified: Mon, 16 Jan 2023 07:45:14 GMT x-amz-version-id: Px6texczRRdv2H_bvm87pAIOH7z7Z.qa server: AmazonS3 content-encoding: br etag: W/"6cc6a8d0a347434070e1ae1406714b63" vary: Accept-Encoding x-amz-cf-pop: ARN1-C1 x-amz-cf-id: wE4tvds8I8rdMvWK8ZjfXt0uA449t3dgMbRjzjYyX0onl7EVVeKJuw== content-length: 66393 cache-control: max-age=31536000 expires: Thu, 01 Feb 2024 09:32:53 GMT date: Wed, 01 Feb 2023 09:32:53 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * X-Firefox-Spdy: h2

	cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2	23.36.79.17	200 OK	13 kB
URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data Size 13 kB (12852 bytes) Hash 3b5df7e947d77201eaf22f3dbdac08cc 21989ca07e4afe32d48982b816b8fac85ce3e668 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f HTTP Headers `GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1 Host: cdn.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://secure.livechatinc.com Connection: keep-alive Referer: https://secure.livechatinc.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: application/octet-stream content-length: 12852 last-modified: Tue, 18 Oct 2022 07:22:37 GMT etag: "3b5df7e947d77201eaf22f3dbdac08cc" x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9 accept-ranges: bytes server: AmazonS3 x-amz-cf-pop: HAM50-C2 x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg== cache-control: max-age=31536000 expires: Thu, 01 Feb 2024 09:32:53 GMT date: Wed, 01 Feb 2023 09:32:53 GMT access-control-allow-origin: * X-Firefox-Spdy: h2`

	cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2	23.36.79.17	200 OK	13 kB
URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data Size 13 kB (12688 bytes) Hash d9f5998f47f6f22cb66e7dbf428c76ab 86b993baf91f867a03ea62e0d0adc9488530efaa e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6 HTTP Headers `GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1 Host: cdn.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://secure.livechatinc.com Connection: keep-alive Referer: https://secure.livechatinc.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: application/octet-stream content-length: 12688 last-modified: Tue, 18 Oct 2022 07:22:38 GMT etag: "d9f5998f47f6f22cb66e7dbf428c76ab" x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K accept-ranges: bytes server: AmazonS3 x-amz-cf-pop: HAM50-P2 x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw== cache-control: max-age=31536000 expires: Thu, 01 Feb 2024 09:32:53 GMT date: Wed, 01 Feb 2023 09:32:53 GMT access-control-allow-origin: * X-Firefox-Spdy: h2`

	api.livechatinc.com/v3.3/customer/rtm/ws?license_id=13133205	23.36.79.16	101 Switching Protocols	0 B
URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=13133205 IP 23.36.79.16:0 ASN #20940 Akamai International B.V. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /v3.3/customer/rtm/ws?license_id=13133205 HTTP/1.1 Host: api.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://secure.livechatinc.com Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 4OYrxYDZDFKQJLOAR8GXcw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols sec-websocket-accept: FOt9vMAyE93zo1iBJkJSnehKwpQ= Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://secure.livechatinc.com legacy: 2023-06-30 Date: Wed, 01 Feb 2023 09:32:53 GMT Upgrade: websocket Connection: Upgrade`

	accounts.livechatinc.com/customer/token	23.36.79.17	200 OK	249 B
URL HTTP/2 accounts.livechatinc.com/customer/token IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type data Size 249 B (249 bytes) Hash c2fee45c03a8485d1ec7d512acbb07be deee892b9058c47e2387bea02868f80cb74f5e2a cb158c99baf1e0c802aa8f7996e34c8c005ff00a2bc15b8057c719346ced5422 HTTP Headers `POST /customer/token HTTP/1.1 Host: accounts.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 190 Origin: https://secure.livechatinc.com Connection: keep-alive Referer: https://secure.livechatinc.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK access-control-allow-credentials: true access-control-allow-origin: https://secure.livechatinc.com cache-control: no-cache, no-store, max-age=0, must-revalidate content-type: application/json expires: Fri, 01 Jan 1990 00:00:00 GMT pragma: no-cache content-length: 138 date: Wed, 01 Feb 2023 09:32:53 GMT set-cookie: __lc_cid=61f16813-fdd9-436f-5bb0-f6fb4e723dd8; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sat, 01 Feb 2025 09:32:53 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc_cst=ec7caca10ae5bffb323373af894ef24bc80c9e2f022fa3869c0a465c372d359e372eac0619b0b7d255f04574b36d18abd6c0fbaf8bbad384a29957ae7d18; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sat, 01 Feb 2025 09:32:53 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc_cid=61f16813-fdd9-436f-5bb0-f6fb4e723dd8; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sat, 01 Feb 2025 09:32:53 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc_cst=ec7caca10ae5bffb323373af894ef24bc80c9e2f022fa3869c0a465c372d359e372eac0619b0b7d255f04574b36d18abd6c0fbaf8bbad384a29957ae7d18; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sat, 01 Feb 2025 09:32:53 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __oauth_redirect_detector=counter=1&t=1675244003&tag=6648bd8dc140fe5a3cc9601beedadcb170fe94cf; Path=/; Expires=Wed, 01 Feb 2023 09:33:23 GMT; HttpOnly; Secure; SameSite=None X-Firefox-Spdy: h2

	cdn.livechatinc.com/widget/static/media/new_message.34190d36.ogg	23.36.79.17	206 Partial Content	11 kB
URL HTTP/2 cdn.livechatinc.com/widget/static/media/new_message.34190d36.ogg IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type Ogg data, Vorbis audio, stereo, 44100 Hz, ~112000 bps\012- data Size 11 kB (11404 bytes) Hash a37211a6cfcda45352d5abcff1e446bb 5f46f941ea3247a17e35be65dcd38583c7ecbfb6 1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d HTTP Headers `GET /widget/static/media/new_message.34190d36.ogg HTTP/1.1 Host: cdn.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 206 Partial Content content-type: application/octet-stream last-modified: Tue, 07 Jun 2022 10:31:15 GMT x-amz-version-id: 0eCQ7JzXZ_yjxrlSX_vlQead.GgqRhbb accept-ranges: bytes server: AmazonS3 etag: "a37211a6cfcda45352d5abcff1e446bb" x-amz-cf-pop: ARN1-C1 x-amz-cf-id: Jl-kA9f70ZstJ4iycPT9C0iokBLbhTz1Y4Rh3_BJ2ixGlD1N4r6mMA== cache-control: max-age=31536000 expires: Thu, 01 Feb 2024 09:32:54 GMT date: Wed, 01 Feb 2023 09:32:54 GMT content-range: bytes 0-11403/11404 content-length: 11404 access-control-allow-origin: * X-Firefox-Spdy: h2

	cdn.livechat-files.com/api/file/lc/img/13133205/20590fe7eb5247298f7954a4eab023c1.jpeg	23.36.79.17	200 OK	11 kB
URL HTTP/2 cdn.livechat-files.com/api/file/lc/img/13133205/20590fe7eb5247298f7954a4eab023c1.jpeg IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 267x267, components 3\012- data Size 11 kB (10977 bytes) Hash f289f00c6befc26db8d27f9ec63f32c0 bee667a6da53639277a76e4c47b94ac455e7d2b8 91af84bb1d3344a1a378e4fbe63c05b4205bbed0b6ef42b0352b11667b690bd1 HTTP Headers `GET /api/file/lc/img/13133205/20590fe7eb5247298f7954a4eab023c1.jpeg HTTP/1.1 Host: cdn.livechat-files.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-length: 10977 content-type: image/jpeg cache-control: private, max-age=77564 date: Wed, 01 Feb 2023 09:32:54 GMT access-control-allow-origin: * X-Firefox-Spdy: h2`

	becak4dw.com/css/bootstrap.min.css	172.67.154.182	200 OK	0 B
URL HTTP/2 becak4dw.com/css/bootstrap.min.css IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css/bootstrap.min.css HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:50 GMT content-type: text/css last-modified: Wed, 08 Sep 2021 05:36:46 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YD0xRf4MInW%2F2ILauEXs98hCZer%2B0xIDrxIg%2BA1GcGP%2FrJuznl%2Bnp9aURzVg%2FNUlz7kUEjx9VscvvZdOk4VNVzQsl1zCZYi%2B3xWGdma3kgj%2FYhMNbXr4HlCih%2F98g%2Bw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae983ea10b61-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js	104.16.86.20	200 OK	0 B
URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js IP 104.16.86.20:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /npm/bootstrap@3.4.1/dist/js/bootstrap.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://becak4dw.com Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload x-jsd-version: 3.4.1 x-jsd-version-type: version etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs" x-served-by: cache-fra19138-FRA, cache-bma1680-BMA x-cache: HIT, HIT vary: Accept-Encoding cf-cache-status: HIT age: 27389131 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZitZx9pbmfC9opbYqYpoO15Un59zaN34TW0%2BKbRi4OsdRjSjc25S3VoTo9PizDMsssa3LMDFLdoE6IlwH0LUnUBN9DqeZB7E2Lhx1XVsEHuxp8Nqku%2BMsg7W5YLHfDIPFw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7929ae996e910b4d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/css/webduo.css	172.67.154.182	200 OK	0 B
URL HTTP/2 becak4dw.com/css/webduo.css IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css/webduo.css HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: text/css last-modified: Wed, 08 Sep 2021 05:36:52 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfQyk9fWAe3WqaWaKxUWSvtCtgz3fkwqdqoI2HEVIoiFNy5IAcOzfuL781CtlofzAXWnpsrq6Ol0PJkEjtR%2BKeQo2BF5d5FJqNnV0ezdaxqNcerBblx9cyK%2Fex6Nwik%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae984eaf0b61-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/capimg.php?6353	172.67.154.182	200 OK	0 B
URL HTTP/2 becak4dw.com/capimg.php?6353 IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /capimg.php?6353 HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3O843tTDXaSEW%2BWGM1oT5c%2BcRzQHPdxHry7nZgoGiYGR4ap8XwxLBjBpTOsxkxPf8FKlfzBVi4L%2FR3rYDniuk5ABlyDxnmatjv9k42PXggSrbF1AVTblaEj98kHRNbw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7929ae989f090b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	becak4dw.com/m/capimg.php?6363	172.67.154.182	200 OK	0 B
URL HTTP/2 becak4dw.com/m/capimg.php?6363 IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /m/capimg.php?6363 HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: image/png expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6UYZhbl03bkg95TibgWTnF0dn5%2FQEQgBlu%2BozFlcg785GeRs7S7UzbOmpwTLjKKBe5Faflfgxo0qac51%2F2X4Ey8HOe8MIWEFe6sk%2BOAnfmC0bOf94EStLzdG%2F9istM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7929ae986ec30b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js	23.36.79.17	200 OK	0 B
URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js IP 23.36.79.17:0 ASN #20940 Akamai International B.V. File type Size 0 B (0 bytes) Hash HTTP Headers `GET /widget/static/js/iframe.73879adc.chunk.js HTTP/1.1 Host: cdn.livechatinc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://secure.livechatinc.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK last-modified: Wed, 25 Jan 2023 08:47:14 GMT x-amz-version-id: DWqeOBaonG9oWcxGU0ZIpqeLsqrYCT6x server: AmazonS3 content-encoding: gzip etag: W/"90cad0f1a20bbe0c7b70af650ab7491a" vary: Accept-Encoding x-amz-cf-pop: AMS54-C1 x-amz-cf-id: _moYFAh9CU_TCG1Yzj16TH06fqZO-0j2iiv2chXN-6-X-3i1nCAlEQ== content-length: 228662 cache-control: max-age=31536000 expires: Thu, 01 Feb 2024 09:32:53 GMT date: Wed, 01 Feb 2023 09:32:53 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Abel\|Oswald:400\|PT+Sans:400,700\|Open+Sans:300,400,700,800	142.250.74.74	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Abel\|Oswald:400\|PT+Sans:400,700\|Open+Sans:300,400,700,800 IP 142.250.74.74:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Abel\|Oswald:400\|PT+Sans:400,700\|Open+Sans:300,400,700,800 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 01 Feb 2023 09:32:49 GMT date: Wed, 01 Feb 2023 09:32:49 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	becak4dw.com/css/mediaduo.css	172.67.154.182	200 OK	0 B
URL HTTP/2 becak4dw.com/css/mediaduo.css IP 172.67.154.182:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css/mediaduo.css HTTP/1.1 Host: becak4dw.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://becak4dw.com/ Cookie: PHPSESSID=28dpkrcbug7qfrqc65bsa4vui4 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Wed, 01 Feb 2023 09:32:49 GMT content-type: text/css last-modified: Wed, 08 Sep 2021 05:36:49 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BP7PqUATbsUcY5TipS4SP90Uo9inR1YLoQ9Amys3uB5Tozr0Ef8pSeVe0d%2FUVSef93uXsXP5yzIPydo46IiNf%2FG5AGqmxqeJo%2FOoaFR13Rrl9bNnzb8P5OU7qeXa%2Fg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7929ae984eb00b61-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL