4dkinghoki.me/
151.139.128.10 301 Moved Permanently 0 B IP 151.139.128.10:0
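Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input: the 301 response has a 0 B body, so they match any empty response and do not identify this site.)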
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 04:20:51 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://4dkinghoki.me/
X-HW: 1669695651.cds244.sk1.h2,1669695651.cds238.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5472
Expires: Tue, 29 Nov 2022 05:52:03 GMT
Date: Tue, 29 Nov 2022 04:20:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5355
Cache-Control: max-age=113985
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:51 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:00:36 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3194
Expires: Tue, 29 Nov 2022 05:14:05 GMT
Date: Tue, 29 Nov 2022 04:20:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 04:17:51 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 180
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jkrqTxpkz4nChcHIRFxtjngabOlYF14AxN/UQUNJA3ke0ZOXL3vrD0ji6YMYjV5FFdzpCDJ2ZsE=
x-amz-request-id: XZE1SG39HEJXZTJM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 03:42:21 GMT
age: 2310
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:20:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
4dkinghoki.me/css/bootstrap.min.css
151.139.128.10 200 OK 22 kB URL HTTP/2 4dkinghoki.me/css/bootstrap.min.css
IP 151.139.128.10:0
File type ASCII text, with very long lines (65230)
Hash 99b3142abe0d7154bf83b2d69a1a23e6
aa13092a53ed3220321d7c0ee15876cb65aa17bf
1f51dcb62a711c82e3881592cd1da417108e1f909c4f818aa0a0aa2fd9d6cb06
GET /css/bootstrap.min.css HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1638201287"
cache-control: max-age=514
content-encoding: gzip
content-length: 21757
content-type: text/css
last-modified: Mon, 29 Nov 2021 15:54:47 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds010.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/css/webduo.css
151.139.128.10 200 OK 1.6 kB URL HTTP/2 4dkinghoki.me/css/webduo.css
IP 151.139.128.10:0
Hash 253510f77887ccc2b1701477ad6ada13
c3680d821eac3fbfa9917f28af23f50c352360d7
e594f33f7b0cc5dfd0e140f04c31e39803dea99969764df237e86b6e58fa5543
GET /css/webduo.css HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1638201372"
cache-control: max-age=514
content-encoding: gzip
content-length: 1551
content-type: text/css
last-modified: Mon, 29 Nov 2021 15:56:12 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds261.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/css/mediaduo.css
151.139.128.10 200 OK 2.4 kB URL HTTP/2 4dkinghoki.me/css/mediaduo.css
IP 151.139.128.10:0
Hash cab590faa4c7bf3bbb9d9260e4b1d1a8
116c39b6e3fe28e385bdb8fc43f01f9981ab189b
b1925f374734cf2ed7fc5cd8a1b7344ba248ed7245ace6174a8d37b73ff72944
GET /css/mediaduo.css HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030885"
cache-control: max-age=514
content-encoding: gzip
content-length: 2405
content-type: text/css
last-modified: Mon, 10 Aug 2020 03:41:25 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds009.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/logo.png
151.139.128.10 200 OK 24 kB URL HTTP/2 4dkinghoki.me/images/logo.png
IP 151.139.128.10:0
File type PNG image data, 400 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash e7e3372c54066ce6e3aeaebffc9b9503
e853c92d812b25c4a6a33fbbfae3f0d51bdae416
c91d9d311f59a55e4b0c4459350d9d8c5e3ab8d19fa8fb988e0533a728483c67
GET /images/logo.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1639549134"
cache-control: max-age=514
content-length: 23616
content-type: image/png
last-modified: Wed, 15 Dec 2021 06:18:54 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds243.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/bgline3.png
151.139.128.10 200 OK 1.7 kB URL HTTP/2 4dkinghoki.me/images/bgline3.png
IP 151.139.128.10:0
File type PNG image data, 404 x 6, 8-bit/color RGB, non-interlaced\012- data
Hash ab700dd732af7bb9826a3914814c410b
f8a08fc3b9eaeda0b3fc57be4885ea195a8c9214
3efa76a1fd8b826f55b4983517d7b6479706c464eb886e67a02a83c5f4840e06
GET /images/bgline3.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1638201269"
cache-control: max-age=514
content-length: 1687
content-type: image/png
last-modified: Mon, 29 Nov 2021 15:54:29 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds202.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/upload-Promo-20220822205609.jpg
151.139.128.10 200 OK 146 kB URL HTTP/2 4dkinghoki.me/images/upload-Promo-20220822205609.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:08:22 20:55:55], progressive, precision 8, 900x180, components 3\012- data
Size 146 kB (146491 bytes)
Hash 661937efc0231a92da9c05f83da86e80
00661e153e6a971631fde98a0d8496efa5dae412
114ffbc2f3cd325c7b05a31497df133ec89e8f32049eccb96c310c1d0a4ff7be
GET /images/upload-Promo-20220822205609.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1661176569"
cache-control: max-age=514
content-length: 146491
content-type: image/jpeg
last-modified: Mon, 22 Aug 2022 13:56:09 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds263.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/upload-SlidesMobile-20220726135507.jpg
151.139.128.10 200 OK 114 kB URL HTTP/2 4dkinghoki.me/images/upload-SlidesMobile-20220726135507.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:07:25 21:41:14], progressive, precision 8, 600x250, components 3\012- data
Size 114 kB (114130 bytes)
Hash 18120a2f44c07457ab3a6c9f67e0a714
e23cb68245748b744b489caa1916e24e5290c087
38bfe08d64f01b5321769467a01dac14901f0ec5957a51363e8bbb4082de5225
GET /images/upload-SlidesMobile-20220726135507.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1658818507"
cache-control: max-age=514
content-length: 114130
content-type: image/jpeg
last-modified: Tue, 26 Jul 2022 06:55:07 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds252.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bdf8fcc67ef5a6697d5b9e25088bb9e1
d7390ff89e205cc059d4466a4dcdcb66f5726c0b
99aab94597be8e161f919be17ad0a5b286a3263147c323fbb1ba20354f5b6d12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5059
Cache-Control: max-age=166979
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "63855e24-1d7"
Expires: Thu, 01 Dec 2022 02:43:51 GMT
Last-Modified: Tue, 29 Nov 2022 01:19:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
4dkinghoki.me/images/psr-sg.png
151.139.128.10 200 OK 5.8 kB URL HTTP/2 4dkinghoki.me/images/psr-sg.png
IP 151.139.128.10:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 62f2ba4b9e6571ffa4aaff9df88a1363
062d797e0b0e5d72fe4c67326da651e98120d997
eb3dba84673c3872ef5b868fd31ad9eff4138e566609cfd9fea427d218bb1413
GET /images/psr-sg.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030847"
cache-control: max-age=514
content-length: 5752
content-type: image/png
last-modified: Mon, 10 Aug 2020 03:40:47 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds016.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/psr-syd.png
151.139.128.10 200 OK 8.4 kB URL HTTP/2 4dkinghoki.me/images/psr-syd.png
IP 151.139.128.10:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 800604d968f4fdb72ac93a188918275d
be4dc446ba5b728b6d906fe2f3b811fdaa2e377f
ad48f6be01b64f903c38c4b4ea9913d88527fcdd6053144f4627663eb9918770
GET /images/psr-syd.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030848"
cache-control: max-age=514
content-length: 8399
content-type: image/png
last-modified: Mon, 10 Aug 2020 03:40:48 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds210.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/psr-sg45.png
151.139.128.10 200 OK 8.1 kB URL HTTP/2 4dkinghoki.me/images/psr-sg45.png
IP 151.139.128.10:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6695ded7228c5186a1c05e22b5a8092e
8e5b4aa31d42ccb07f9e1dc27c682f33c509e3bf
783b3df894b29f8406169dd624348405e8b448788ae37531252ed14b8a57cf86
GET /images/psr-sg45.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030853"
cache-control: max-age=514
content-length: 8126
content-type: image/png
last-modified: Mon, 10 Aug 2020 03:40:53 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds013.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/psr-gy.png
151.139.128.10 200 OK 6.2 kB URL HTTP/2 4dkinghoki.me/images/psr-gy.png
IP 151.139.128.10:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash c538f837462d48ad40a82443df9fac67
286af4805ac4b365407246e27d9a7fc032120519
b646b7ebf38ec833a3847694a797ace86c2928e694252d1ee2573bf9597a69e4
GET /images/psr-gy.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030864"
cache-control: max-age=514
content-length: 6190
content-type: image/png
last-modified: Mon, 10 Aug 2020 03:41:04 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds215.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/psr-ml.png
151.139.128.10 200 OK 4.9 kB URL HTTP/2 4dkinghoki.me/images/psr-ml.png
IP 151.139.128.10:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 454f08364c0db1f09432aa24d7b7c531
0f768d3ed56a3a021ba99fdf03897f230e7afbb8
d65c174a12b842e01c052d4a152402457f44e843636a0b18af8cbd8094ad1129
GET /images/psr-ml.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030859"
cache-control: max-age=514
content-length: 4858
content-type: image/png
last-modified: Mon, 10 Aug 2020 03:40:59 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds229.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/psr-mc.png
151.139.128.10 200 OK 9.8 kB URL HTTP/2 4dkinghoki.me/images/psr-mc.png
IP 151.139.128.10:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash d093550c7bd08bcb99652e7bb88977b1
5c0c0eded056026a9f41220bd6c1a5505a01bc47
330039c52b34aea1e536891e1deb20c8f93f64381e5dce35b4b20c8374845584
GET /images/psr-mc.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030849"
cache-control: max-age=514
content-length: 9814
content-type: image/png
last-modified: Mon, 10 Aug 2020 03:40:49 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds219.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/psr-qtr.png
151.139.128.10 200 OK 4.5 kB URL HTTP/2 4dkinghoki.me/images/psr-qtr.png
IP 151.139.128.10:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 94b7c4d77007d1d2874c8dfeeea13ba3
758e6d6396b4cc34483e97c4e2fd89819ef51501
3c6d1ffbbbf8bbed2ca10803e6715b5ff1885aa984e50e648ca1a73961dea64a
GET /images/psr-qtr.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030853"
cache-control: max-age=514
content-length: 4525
content-type: image/png
last-modified: Mon, 10 Aug 2020 03:40:53 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds236.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/psr-hk.png
151.139.128.10 200 OK 5.8 kB URL HTTP/2 4dkinghoki.me/images/psr-hk.png
IP 151.139.128.10:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b33466f1596c700cabc4b5aa0fdeddc
96ca4f0aca9bc2e4d28d9e8ee94868b1413e5199
80eaeccf24ccdf4a13dc2a1c1b0780681678cee4c40e3d13bb55e9f16e8240d9
GET /images/psr-hk.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030848"
cache-control: max-age=514
content-length: 5800
content-type: image/png
last-modified: Mon, 10 Aug 2020 03:40:48 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds243.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/logoweb.png
151.139.128.10 200 OK 24 kB URL HTTP/2 4dkinghoki.me/images/logoweb.png
IP 151.139.128.10:0
File type PNG image data, 400 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash b69537e9e52a70c786025eb174a8637c
76f43a3346f4303dca019b160d89911fcd6a76e5
703b07d7c079c5bca1ab4927d9ea7ebd75c1f3cf4c56490bd469ea0f776c1d89
GET /images/logoweb.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1639549135"
cache-control: max-age=515
content-length: 23616
content-type: image/png
last-modified: Wed, 15 Dec 2021 06:18:55 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds026.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/upload-Slides-20221110000121.jpg
151.139.128.10 200 OK 291 kB URL HTTP/2 4dkinghoki.me/images/upload-Slides-20221110000121.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:11:07 18:38:27], progressive, precision 8, 1900x380, components 3\012- data
Size 291 kB (290591 bytes)
Hash 4e5db3a027901756088adebaacf38c1a
0e354af77b3c25de89d1f16d4ddb04db3d9f8e8b
d3a4d51f8c5dd3d1c9dd287431b5e6bbd47e2805ed9fffd640dcace1920db0ab
GET /images/upload-Slides-20221110000121.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1668013281"
cache-control: max-age=515
content-length: 290591
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 17:01:21 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds252.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/upload-Slides-20221105165014.jpg
151.139.128.10 200 OK 271 kB URL HTTP/2 4dkinghoki.me/images/upload-Slides-20221105165014.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:11:05 16:49:01], progressive, precision 8, 1900x380, components 3\012- data
Size 271 kB (271336 bytes)
Hash 7b4f237db8f7d6490eed0e1cdfd106ab
907267c14005db9c1af6ed3a15ab477e230a39ef
e65b2cd6a62e0ef5ba9e3cebaef4a4649c7e60502690845dfdbeb40f3df3b49b
GET /images/upload-Slides-20221105165014.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1667641814"
cache-control: max-age=515
content-length: 271336
content-type: image/jpeg
last-modified: Sat, 05 Nov 2022 09:50:14 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds219.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/upload-Slides-20221023142621.jpg
151.139.128.10 200 OK 367 kB URL HTTP/2 4dkinghoki.me/images/upload-Slides-20221023142621.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:10:23 14:24:27], progressive, precision 8, 1900x380, components 3\012- data
Size 367 kB (367213 bytes)
Hash f3d033d2f5f0fddd950d5cfc40c825f0
2125caae81e5c7402ab1675aa58eccf6f452ca64
cf7ee8f3625c49eb2678979dd3ed5695a3bb1e3de8b5f83be46e5eb2fa2430de
GET /images/upload-Slides-20221023142621.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1666509981"
cache-control: max-age=515
content-length: 367213
content-type: image/jpeg
last-modified: Sun, 23 Oct 2022 07:26:21 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds203.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/upload-Slides-20221021184123.jpg
151.139.128.10 200 OK 297 kB URL HTTP/2 4dkinghoki.me/images/upload-Slides-20221021184123.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:10:21 17:42:05], progressive, precision 8, 1900x380, components 3\012- data
Size 297 kB (296938 bytes)
Hash 7153a5d2a509701fa917fedd4a951afe
ad0c14c80b811374bd22d36d08f0d5069de6c261
02161503004d781458c5a14e98c603e450254076b269cdf57cdd51ee1c97f14c
GET /images/upload-Slides-20221021184123.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1666352483"
cache-control: max-age=515
content-length: 296938
content-type: image/jpeg
last-modified: Fri, 21 Oct 2022 11:41:23 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds259.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/upload-Slides-20221021184159.jpg
151.139.128.10 200 OK 391 kB URL HTTP/2 4dkinghoki.me/images/upload-Slides-20221021184159.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:10:21 17:45:01], progressive, precision 8, 1900x380, components 3\012- data
Size 391 kB (391065 bytes)
Hash 3cb5f947cb2416c6da703fda5fb12f52
3c428a75ecdef94c6f826b870b4e22e15fdb957f
0bccd272a301ac91d0c8d65a7281f4d6737d1c5c64a29e3dbe8a5f5a7931647c
GET /images/upload-Slides-20221021184159.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1666352519"
cache-control: max-age=514
content-length: 391065
content-type: image/jpeg
last-modified: Fri, 21 Oct 2022 11:41:59 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds261.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bdf8fcc67ef5a6697d5b9e25088bb9e1
d7390ff89e205cc059d4466a4dcdcb66f5726c0b
99aab94597be8e161f919be17ad0a5b286a3263147c323fbb1ba20354f5b6d12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5059
Cache-Control: max-age=166979
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "63855e24-1d7"
Expires: Thu, 01 Dec 2022 02:43:51 GMT
Last-Modified: Tue, 29 Nov 2022 01:19:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4dkinghoki.me/images/bgline.png
151.139.128.10 200 OK 1.9 kB URL HTTP/2 4dkinghoki.me/images/bgline.png
IP 151.139.128.10:0
File type PNG image data, 576 x 4, 8-bit/color RGB, non-interlaced\012- data
Hash 3e5167119e8d5b6fcd7a74aaff61f61a
9998b71da4890328d4320b2b97d4d7d892705198
19706dadd6bba8f57d59712fe62261dfd3a07babd5f928e4f7271bea67b9f681
GET /images/bgline.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1638201268"
cache-control: max-age=514
content-length: 1876
content-type: image/png
last-modified: Mon, 29 Nov 2021 15:54:28 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds263.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/bgline2.png
151.139.128.10 200 OK 1.8 kB URL HTTP/2 4dkinghoki.me/images/bgline2.png
IP 151.139.128.10:0
File type PNG image data, 1228 x 6, 8-bit/color RGB, non-interlaced\012- data
Hash 0d15fa3842932b1bc70554ef555713d6
d6248685710f9088a1dd25f5242cf0326c782cd1
03628dbdcee5a734d95436c612a8a4da0fc02f9e6b64a24b410e2e6ef8a00f78
GET /images/bgline2.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1638201268"
cache-control: max-age=515
content-length: 1752
content-type: image/png
last-modified: Mon, 29 Nov 2021 15:54:28 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds018.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/kontak.png
151.139.128.10 200 OK 5.0 kB URL HTTP/2 4dkinghoki.me/images/kontak.png
IP 151.139.128.10:0
File type PNG image data, 69 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash cc9ff1f22490e2cca070a57979aea150
c41c924a335152f8e6b07543ff4384e750e114f5
d13562a3a1a8c4e5dedebdc1924ce73f2944c82937d3f247d087caa16cb565f7
GET /images/kontak.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1638201270"
cache-control: max-age=515
content-length: 4995
content-type: image/png
last-modified: Mon, 29 Nov 2021 15:54:30 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds024.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/images/bg.jpg
151.139.128.10 200 OK 37 kB URL HTTP/2 4dkinghoki.me/images/bg.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1901x488, components 3\012- data
Hash 1145bd8ece028a6dc860d6e4c9beb381
4b4428b004dd6417e8bb8a7b233b96699fbcb77f
1f7cdee463b68622bb20abd385228dabcf18affbdc355eed47ea84d656f42fe1
GET /images/bg.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1638201267"
cache-control: max-age=515
content-length: 37177
content-type: image/jpeg
last-modified: Mon, 29 Nov 2021 15:54:27 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds251.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/js/webduo35.js
151.139.128.10 200 OK 4.6 kB URL HTTP/2 4dkinghoki.me/js/webduo35.js
IP 151.139.128.10:0
Hash d867abc52913e0d7169f71ede1f337e3
d41b3120017ec99363ceebd4e9f76aa3c907c821
be0e32719a66a371074c3d7611333dc9bb40ca5dd288b5b7f0bb538f2dc29c1a
Analyzer Verdict Alert fortinet Phishing
GET /js/webduo35.js HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1663822205"
cache-control: max-age=514
content-encoding: gzip
content-length: 4562
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 04:50:05 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds010.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/js/jquery.marquee.min.js
151.139.128.10 200 OK 2.4 kB URL HTTP/2 4dkinghoki.me/js/jquery.marquee.min.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (1219)
Hash 987016506912abc9454e75abf4f6a90e
8e16e257e3664ef63f5823332e84920a0dc04bb9
0d7b78b5d87fd06ee3620491ab569d4bfed6f043821e2a9b06e1dab71254d4fb
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.marquee.min.js HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1599594288"
cache-control: max-age=515
content-encoding: gzip
content-length: 2400
content-type: application/javascript
last-modified: Tue, 08 Sep 2020 19:44:48 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds234.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/js/jquery.pause.min.js
151.139.128.10 200 OK 870 B URL HTTP/2 4dkinghoki.me/js/jquery.pause.min.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (762)
Hash 81c62fc185800b2b39185caaaaf0778d
e6ce709ce12fb92b0af00e7d90ae178c56b68076
3a38a819e0d00bc695624e1991fd25f70b4fd644ea08fd3108dd0b41cc7ecb67
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.pause.min.js HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1599594774"
cache-control: max-age=515
content-encoding: gzip
content-length: 870
content-type: application/javascript
last-modified: Tue, 08 Sep 2020 19:52:54 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds026.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a7c182574908e8c0e35b381114cfd012
2053404f4e981653ae5e618e3a0b1a609d5054bf
f79639d25ccdded97e1463ce4441b3570c4091d8c56dbe19b358fe23989d91fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5994
Cache-Control: max-age=153839
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "63852729-1d7"
Expires: Wed, 30 Nov 2022 23:04:51 GMT
Last-Modified: Mon, 28 Nov 2022 21:24:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a7c182574908e8c0e35b381114cfd012
2053404f4e981653ae5e618e3a0b1a609d5054bf
f79639d25ccdded97e1463ce4441b3570c4091d8c56dbe19b358fe23989d91fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4062
Cache-Control: max-age=151907
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "63852729-1d7"
Expires: Wed, 30 Nov 2022 22:32:39 GMT
Last-Modified: Mon, 28 Nov 2022 21:24:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
4dkinghoki.me/images/upload-Popup-20221116125812.jpg
151.139.128.10 200 OK 160 kB URL HTTP/2 4dkinghoki.me/images/upload-Popup-20221116125812.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:11:16 12:57:49], progressive, precision 8, 600x300, components 3\012- data
Size 160 kB (159835 bytes)
Hash 8d22ba913fa4980fdd401a32c02fd2d1
e97d1865319796f7c07dd35c05c06f7437114ce6
b804a4337f0eb751dc7eee840b2ae0412253b2e889459a6bb2e761ea484678e7
GET /images/upload-Popup-20221116125812.jpg HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1668578292"
cache-control: max-age=515
content-length: 159835
content-type: image/jpeg
last-modified: Wed, 16 Nov 2022 05:58:12 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds001.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4707
Cache-Control: max-age=108270
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:25:22 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 33c32f969ee9f2829bbb2a7a2301dcf5
866b6cb911a62ac24c42f9ec064f8204825c4e19
12aa5456fdca733b04e9131bad9a137e3bb9686ee8d613fce7e36ddf1adea935
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141384
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "63850dec-117"
Expires: Wed, 30 Nov 2022 19:37:16 GMT
Last-Modified: Mon, 28 Nov 2022 19:37:16 GMT
Server: nginx
Content-Length: 279
4dkinghoki.me/fonts/glyphicons-halflings-regular.woff2
151.139.128.10 200 OK 18 kB URL HTTP/2 4dkinghoki.me/fonts/glyphicons-halflings-regular.woff2
IP 151.139.128.10:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Phishing
GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://4dkinghoki.me/css/bootstrap.min.css
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
etag: "1597030870"
cache-control: max-age=516
content-length: 18028
content-type: font/woff2
last-modified: Mon, 10 Aug 2020 03:41:10 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds065.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 33c32f969ee9f2829bbb2a7a2301dcf5
866b6cb911a62ac24c42f9ec064f8204825c4e19
12aa5456fdca733b04e9131bad9a137e3bb9686ee8d613fce7e36ddf1adea935
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141384
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "63850dec-117"
Expires: Wed, 30 Nov 2022 19:37:16 GMT
Last-Modified: Mon, 28 Nov 2022 19:37:16 GMT
Server: nginx
Content-Length: 279
img.pay4d.info/picleft.jpg
104.19.135.75 200 OK 22 kB URL HTTP/2 img.pay4d.info/picleft.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b1bdc85cc48c85f6033c7ddca833b0c
df9589d7051fba1a5c2fd15b81b11f72f24caee0
7e599adfbea9fa50b6139eae70f7ee2214c9a0fd14a718f1d07bfd4b955ae63d
GET /picleft.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 22128
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=26042
content-disposition: inline; filename="picleft.webp"
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
vary: Accept
cf-cache-status: HIT
age: 5679
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ff96b50f-OSL
X-Firefox-Spdy: h2
bit.ly/3CQqHzL
67.199.248.10 301 Moved Permanently 344 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 21036b3ba445990780d9b6614e547e3e
8b590692e326e65bd2cdca2a3463ca7e2d6171e1
db9425578918ece38c8d24548695f0671fc8560d9adf6062a4cd93f7d17df931
GET /3CQqHzL HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj27DTNPL8ENceRq_1R0r0yMo6n7RGTOnDQGcRRIjtwqtXTaZYSWzxRVhLnnRfjUmk-O06LEhU6Ol1dNjnwrXhWz-fshZ2Em9hsoHVP2gcltGDiZxF05eyQrn2IofN8_l1-EWa08sS7Q2B-bYoEsAac9jEweWMlrKa03QGzGuInAwxxaTm8G0oeZIZe/s1600/2.jpg
set-cookie: _bit=mat4kQ-7e45301aa67dd43aa4-00p; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img.pay4d.info/picrightsport.jpg
104.19.135.75 200 OK 28 kB URL HTTP/2 img.pay4d.info/picrightsport.jpg
IP 104.19.135.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash ebedde0e62ada787a6ccc5cd81ba82e6
eab61df9caa7b3789ddfe4ff5744ed5ffa4da68b
461fb8ca2eda5e25e9002bffe6111739faa6cf991167cd2578632c1f90d791ca
GET /picrightsport.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/jpeg
content-length: 28289
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=33880, status=webp_bigger
last-modified: Fri, 18 Nov 2022 06:57:55 GMT
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77188da6ff97b50f-OSL
X-Firefox-Spdy: h2
bit.ly/3zoKPYX
67.199.248.10 301 Moved Permanently 344 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e8ebdbd0e8dc692e42fb4f2316b9e700
7cccbb064012a17d5ccf5f88d1411534a0651204
7fced6fe235cd5001aca54af8161fa73b557c40a8696a2de050f4a4f2fee8f49
GET /3zoKPYX HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUpbi2VIHyKf9ZTnXIOH2L58bs0de_MLqfBYjRukiJ_-o4r-3KI3Ed9SLITfgve_JT5k7ibxqE0aX4PKkwbf9EOwg3WmSMDkYMlLQH3Kfo_k_8pT9Kc5zM0nEyIAZPWKS6Cf-XWxR3lV9JdEPEIInKtterBNwVvCPhmgDh40_QDPFrnD6jlVOtgf0B/s1600/9.jpg
set-cookie: _bit=mat4kQ-1253151025e3d0bc22-00y; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img.pay4d.info/picright.jpg
104.19.135.75 200 OK 23 kB URL HTTP/2 img.pay4d.info/picright.jpg
IP 104.19.135.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash 4d21cb6ce4fcf78445d50ec994697f8b
df4d5433b0acbf6ee3a0db62663f071b2fb01275
b267ac51d20c09b4e5bb4f90f30fac9fb72c024f4448eff75cbccdba316da2e6
GET /picright.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/jpeg
content-length: 23329
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=26379, status=webp_bigger
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77188da6ff98b50f-OSL
X-Firefox-Spdy: h2
bit.ly/3Ff56Bc
67.199.248.10 301 Moved Permanently 323 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 62d6ba14678d3298c0a1b686910f0433
548ebdb4ed00e03f309efc204c7c33b566de5a56
fbc00bee34f6c0ce9c800952f5383701366676d4302b9ef77c35a7cbb34240ab
GET /3Ff56Bc HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 323
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/a/AVvXsEgKDNy1X7EHk7CsPCmUM5SxPi9tr8cCTWWpUxCRLDCebun-2Q9uXBc0ZKtOCtBLIMhRLdO8S02jdjDNrrIBBIjDTc1w3Rto2nse9wLjUA4Y93_BdECqWK3daBqd1s6dSjzbHOZsZqkLY8SHvcs0DWduwl3UOJEGCBS50t80gSUO2KZfsMmNfuK4pY2H
set-cookie: _bit=mat4kQ-71d6027bdbd1276624-00a; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img.pay4d.info/mobile-tembakikan.png
104.19.135.75 200 OK 2.1 kB URL HTTP/2 img.pay4d.info/mobile-tembakikan.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bfdeefb05e569edf1028afb65895653c
97478d745112e48f9400eaeab7e84c41c60ceec2
02f0b6b2e6ee24f5bf2774b69109e9f1f0c5d1deafda081ed4c48d62b90ab9dd
GET /mobile-tembakikan.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 2106
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5201
content-disposition: inline; filename="mobile-tembakikan.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 5679
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ff9db50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-togel.png
104.19.135.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/mobile-togel.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 24ee8246bf5b00f82e391b3de2c9530d
44b86adefeab3260148aadfa367cf35c602b6761
04ea1ba435c65231d96bea3e735c0bc193beb05f7e921a354ef593dbfd7528fb
GET /mobile-togel.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 2816
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6237
content-disposition: inline; filename="mobile-togel.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ff9bb50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-slot.png
104.19.135.75 200 OK 3.0 kB URL HTTP/2 img.pay4d.info/mobile-slot.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bd496c55acc5fdb1ebe53c18e7b78a2e
256827a0c6474898129d22b1cfa7fadc88d96b70
414beef5dd52d21ddb304d58eedf9a6503a42523de9f54922c76f567343cdfc3
GET /mobile-slot.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 3002
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="mobile-slot.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 5679
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ff9cb50f-OSL
X-Firefox-Spdy: h2
bit.ly/3NQvEgS
67.199.248.10 301 Moved Permanently 353 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (304)
Hash 1bb882b28d6b3369bde9a4f9dc0f88bf
8cf9fba12207a5f60584a48a984a275a3072426d
a4633ace1a9113c0f533f768a5a1d622bd92a403510f9984f96ffec301ec3978
GET /3NQvEgS HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 353
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhAbE84b4Zy3tnFHu8pI5x2EiQwBQ9OO5mpig2Bs2PWCn_KZ5wNjl7wEyz11q60z1UvrTOkrlWd9STKfH5HTIzBS73BLYAWFIH7g_V8dBdZoaPSURZ6zGcXbTgo7SVCrYqxBEnNeMi1H0gBxnoCmRw_eZZY-uIkfY5YAcr6F_E2SSvYKjIMwBp1R9J/s1600/LUCKY SPIN.gif
set-cookie: _bit=mat4kQ-5c57a75b483b749574-00w; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img.pay4d.info/mobile-sport.png
104.19.135.75 200 OK 2.7 kB URL HTTP/2 img.pay4d.info/mobile-sport.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 02a8a80face04e69f3bfa68f686f57bb
61f8a41a95694c27a307199407af513dde0dc43e
d9cd2cc3ba7a11673f072f321e83694c7da5979c0adda00e26de15d9a1f43797
GET /mobile-sport.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 2730
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6408
content-disposition: inline; filename="mobile-sport.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ff9eb50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/icon-kontak.png
104.19.135.75 200 OK 13 kB URL HTTP/2 img.pay4d.info/icon-kontak.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03428e550c367a0b470f6fe70d6d55c0
80b591a03333d4bec9e5ab54a0c3f4c1ed45367e
277e7027c4afd477229e58b7a992d3c43ec2b1406693a3283a8d5a59ceb09b1a
GET /icon-kontak.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 12922
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=28713
content-disposition: inline; filename="icon-kontak.webp"
last-modified: Fri, 13 Nov 2020 07:38:15 GMT
vary: Accept
cf-cache-status: HIT
age: 5678
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ff99b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/icon-promo.png
104.19.135.75 200 OK 15 kB URL HTTP/2 img.pay4d.info/icon-promo.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 11a8e2c003ba77a68232b9d691a26bec
44a0551575e11d99ba5af824dffa53da30ae290c
e5090f48858bf3a2ffc2caf8463340102846ca61ebeced2378f1749525e3be52
GET /icon-promo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 15448
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35857
content-disposition: inline; filename="icon-promo.webp"
last-modified: Fri, 13 Nov 2020 07:11:14 GMT
vary: Accept
cf-cache-status: HIT
age: 5679
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ff9ab50f-OSL
X-Firefox-Spdy: h2
bit.ly/3SnpUvC
67.199.248.10 301 Moved Permanently 344 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c986e5e17acdcbb7435eb31b5b85a9fe
5386546727b38255d29f3a637262f6def3f813e9
d73827720c8e4abf726b96fbbfc5680eb92e9e4a20e3fa4ced0055dc1833f805
GET /3SnpUvC HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGX-4kJhimBQiL4hqVuQP5MDuoG5covOSjQ9WEENVO0aCgZs1OM6ZC0lwYymZUrtBAu7BgHM0zNeY5NGtRrW8vth4AwFEgh3cIl9cPA4fTXtF2L-sANPFjw9WwcWE2pop26K-LxsRGuwMIE3VM_rNHNUyZJInXdSyOZC6pkz9j2nr9YzXjI7ZbU-FY/s1600/3.jpg
set-cookie: _bit=mat4kQ-2cd6c3596931aa572e-00s; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bit.ly/3MSAPfJ
67.199.248.10 301 Moved Permanently 344 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 04dab565e4a9d47639ec807d0572066f
d63b5c515f478d6c27196f4da8ca201dbb6af4aa
9258abdd578b2727cc74d1da5d602bf132aeedeef249eac102e00ed2231f2531
GET /3MSAPfJ HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNdmRuwVAKRbNTMkU8SQwya8Xv2gZUJLus8c6XLjAnafDvoe6Y9brnK7bnvintK2sKBWJ6iiKNot6JHPDnBcBgf50Gl__bpRMangK1geFReFORY1YPPURIx87oTxH0-zcnLvrJs-HJKs-OlislBFYdMOld01X3mVOJmJk9sQtay9jflY401c1ptAs0/s1600/5.jpg
set-cookie: _bit=mat4kQ-e23b004baabc65c70c-00n; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img.pay4d.info/picleft-b.jpg
104.19.135.75 200 OK 12 kB URL HTTP/2 img.pay4d.info/picleft-b.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea02b87d5efe916e0d1fd689245bafa9
d515d56084f09ed372c254188e6fd75a74ae5543
1a84b9a6f066b825d388f044e0012bfe7922a9ca9a4400c2fa33cac082bfc91d
GET /picleft-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 11550
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=40621
content-disposition: inline; filename="picleft-b.webp"
last-modified: Wed, 23 Nov 2022 11:19:42 GMT
vary: Accept
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ff9fb50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-casino.png
104.19.135.75 200 OK 4.0 kB URL HTTP/2 img.pay4d.info/mobile-casino.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a4ec13dedac773682a95ad0357c883d9
ac08067b8b14c320590fd8e0d9f46fee95c98064
34d33f63decd18d046d7ce1eaa41df45fd546a36c020d1aa2460c68d4e382a05
GET /mobile-casino.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 3982
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8816
content-disposition: inline; filename="mobile-casino.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 5679
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa2b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/buku-mimpi.png
104.19.135.75 200 OK 734 B URL HTTP/2 img.pay4d.info/buku-mimpi.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 47e11b51ac743eaa8cf239317b274ed5
2f8e7efe94b9a2bc33e4a2cfa5d56c767e53f2b6
e102b58cf346532436c7e47dc3e2e29fc53b5b550e0fcd1c4200aadce03bb7e6
GET /buku-mimpi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 734
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3014
content-disposition: inline; filename="buku-mimpi.webp"
last-modified: Sat, 30 Jan 2021 10:28:57 GMT
vary: Accept
cf-cache-status: HIT
age: 5673
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa4b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/informasi.png
104.19.135.75 200 OK 496 B URL HTTP/2 img.pay4d.info/informasi.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 55734ca433dd15622f992f24a3750a77
625812100e07a5b85b1dca90d622c0deafa3410d
0b31e72e9209648652af2a9e36541fb4ca4015cdbca7f29ae1993824d379c395
GET /informasi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 496
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2507
content-disposition: inline; filename="informasi.webp"
last-modified: Sat, 30 Jan 2021 10:28:59 GMT
vary: Accept
cf-cache-status: HIT
age: 5673
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa6b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/kontak/wa.png
104.19.135.75 200 OK 378 B URL HTTP/2 img.pay4d.info/kontak/wa.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 18d9883e1a072905361ca73d34a57734
c9dcf63a7866cd530f7615bd220e7ce4e81aad0d
a06f5509e0ed17a2901ee5d71717a549f53e66dbec7607e3944cb418c60688c5
GET /kontak/wa.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 378
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1628
content-disposition: inline; filename="wa.webp"
last-modified: Mon, 09 Sep 2019 19:19:48 GMT
vary: Accept
cf-cache-status: HIT
age: 5678
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa9b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/kontak/telegram.png
104.19.135.75 200 OK 614 B URL HTTP/2 img.pay4d.info/kontak/telegram.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d5f471c7a8ea7c845c4a70b7fbd1f4db
617ae465abfaad2cc119cd2a8c89d2ca2537ea23
df11d4b82ea7a8c0af512e349cc780001f85879c7f865b1f89c48015ee5aa2ed
GET /kontak/telegram.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 614
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2630
content-disposition: inline; filename="telegram.webp"
last-modified: Fri, 08 Jan 2021 06:31:05 GMT
vary: Accept
cf-cache-status: HIT
age: 5678
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffaab50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picmid-b.jpg
104.19.135.75 200 OK 14 kB URL HTTP/2 img.pay4d.info/picmid-b.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c37b7fb71f105f8b8672c66677a0b85
9a507c9d9c2909c55c080df7e4a63ff82c8b357c
51b7b166d8e3ae02de88cb7af8209160e491478c8d00c93900f85e6e7886f716
GET /picmid-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 14152
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15488
content-disposition: inline; filename="picmid-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
vary: Accept
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa0b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picrightsport-b.jpg
104.19.135.75 200 OK 12 kB URL HTTP/2 img.pay4d.info/picrightsport-b.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b384a638dc5c10281228cd681469b5db
bf8625ff8f2a683d21cd384f671ce379b9a7c76d
0dc4e717442c9585c855bc2dcaa9d621be9fee18d541f724f0af33b3e57137ff
GET /picrightsport-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 11588
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13092
content-disposition: inline; filename="picrightsport-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:49 GMT
vary: Accept
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa1b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/footern.png
104.19.135.75 200 OK 10 kB URL HTTP/2 img.pay4d.info/footern.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c874f595389f01e778067dff5bc5d1f0
c5f3cb0b0a03bb0cc41cea7d1bc24b630eaab4bf
84097f8df21211e36d200017ce5dbb571569bbd5d21d7dfb1067d0b75567b17f
GET /footern.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 10240
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11983
content-disposition: inline; filename="footern.webp"
last-modified: Fri, 04 Nov 2022 13:47:10 GMT
vary: Accept
cf-cache-status: HIT
age: 5672
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa8b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-prag.png
104.19.135.75 200 OK 1.4 kB URL HTTP/2 img.pay4d.info/slot-prag.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e7ecdf154298edbc92186de70734ff7
10402bf0a46147d1b1e6e41ded452c24faa6dce6
b13a36e2d82b2cd019af41f40af642d37641573770e11980ecc12e2dce55d713
GET /slot-prag.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 1416
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5251
content-disposition: inline; filename="slot-prag.webp"
last-modified: Wed, 18 Dec 2019 05:38:15 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70faeb50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-pg.png
104.19.135.75 200 OK 1.7 kB URL HTTP/2 img.pay4d.info/slot-pg.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 86ec152055228538f1a8f8943f179a97
ef30830c693272695c7cf5f2ac12679c75a2db18
a643c08a5d025958c4499731c62c3cc78663aa9c6bd2d567bbff38b4637b339b
GET /slot-pg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 1740
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5084
content-disposition: inline; filename="slot-pg.webp"
last-modified: Tue, 08 Jun 2021 09:18:38 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fafb50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-hab.png
104.19.135.75 200 OK 1.9 kB URL HTTP/2 img.pay4d.info/slot-hab.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 158c1eeabbd166126f46035ec5e6d457
83fa7159d10da9989fc9853ee6f96ab57b065e83
11bd40a973e0e088856ced2e923bb0badeb4291c9ea0d11386d9a469817eeda0
GET /slot-hab.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 1888
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5768
content-disposition: inline; filename="slot-hab.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fb0b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-cq9.png
104.19.135.75 200 OK 1.2 kB URL HTTP/2 img.pay4d.info/slot-cq9.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c1a383f5c29c2a1abb0146f00f976edd
d044fc1b18c28a0129ef1ffbeba52166614d057e
cef9e6fabf6bc11ddbe76f0abec0e0f7106ba78a0b5499c3c640d82c8a7d6701
GET /slot-cq9.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 1182
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4157
content-disposition: inline; filename="slot-cq9.webp"
last-modified: Wed, 10 Nov 2021 17:01:06 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fb1b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-spad.png
104.19.135.75 200 OK 1.3 kB URL HTTP/2 img.pay4d.info/slot-spad.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d6290e499ede13e741045d26dfbd95bf
73a41f0d753bb0843be9bfb147e1999ced0e30d5
ccdb75fdea9558a8454442831c45017f205cd8729bc2f0399b91e1fb2473cd89
GET /slot-spad.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 1258
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4945
content-disposition: inline; filename="slot-spad.webp"
last-modified: Wed, 18 Dec 2019 05:38:16 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fb2b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picright-b.jpg
104.19.135.75 200 OK 21 kB URL HTTP/2 img.pay4d.info/picright-b.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11b3651cddd57d137ad1f9f632ca7360
7ac7d221ec9c1865dc06138b53fe870e6bccdb97
43c4b555f21c351bdd7b5953b63d93078c02def41fe3b333c85822aaca5bf5ef
GET /picright-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 20622
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=24384
content-disposition: inline; filename="picright-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:49 GMT
vary: Accept
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa3b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/logo_providernewn.png
104.19.135.75 200 OK 23 kB URL HTTP/2 img.pay4d.info/logo_providernewn.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7d6a7641bdff382fd00a6f9c21a42aa1
8c3a482d06391d155e232d844c61a321e8f74dbb
fa1d88846de93439c5603d97da37187779c37879e3ba8312c9a36ed6d8b0520f
GET /logo_providernewn.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 22986
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=65682
content-disposition: inline; filename="logo_providernewn.webp"
last-modified: Wed, 23 Nov 2022 11:16:43 GMT
vary: Accept
cf-cache-status: HIT
age: 5672
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da6ffa7b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-mg.png
104.19.135.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/slot-mg.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72
GET /slot-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="slot-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:42 GMT
vary: Accept
cf-cache-status: HIT
age: 5675
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fb3b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-jok.png
104.19.135.75 200 OK 2.0 kB URL HTTP/2 img.pay4d.info/slot-jok.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c3d6ce73337d8098402370b95ce184d6
f82824809e6fc6b5bc0696c7dce5942ab17abac5
21cd86f323c17093d4d78ba1e98352a00c8459cb70d1135006cf1de90b0388b3
GET /slot-jok.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 2000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7983
content-disposition: inline; filename="slot-jok.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cf-cache-status: HIT
age: 5675
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fb5b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-ttg.png
104.19.135.75 200 OK 356 B URL HTTP/2 img.pay4d.info/slot-ttg.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3ce52bfdf47ac5aeec429c7d844f8309
20ecca3cdae26598825aca9d3180721585936d76
574449c76cb20fb822d17cec93a25ed069371c78d8f6e9efb0daa4924a411a56
GET /slot-ttg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 356
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2467
content-disposition: inline; filename="slot-ttg.webp"
last-modified: Sat, 14 Mar 2020 09:33:42 GMT
vary: Accept
cf-cache-status: HIT
age: 5675
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fb6b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/pop/mobile-opus.jpg
104.19.135.75 200 OK 30 kB URL HTTP/2 img.pay4d.info/pop/mobile-opus.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8d191b6393109de875275c79f178e863
89c1f1c6b4968a6d6f1bcb13ce4500f1e7f71711
4c554e5ffc7c633b4e881338c2b83789ada0b84a3083808c4f72368e121edd28
GET /pop/mobile-opus.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/webp
content-length: 30134
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=61371
content-disposition: inline; filename="mobile-opus.webp"
last-modified: Fri, 25 Nov 2022 06:26:05 GMT
vary: Accept
cf-cache-status: HIT
age: 5677
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fadb50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picmid.jpg
104.19.135.75 200 OK 34 kB URL HTTP/2 img.pay4d.info/picmid.jpg
IP 104.19.135.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash 9ff8825bea0abb9177794729b5932760
9424c5ff2b125bc8d319313875c90c5393183b36
18179e3e611fdec3356c387f78b85ff7201fd7ee6166eb5aff06aa851cbe4b82
GET /picmid.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/jpeg
content-length: 34044
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=36646, status=webp_bigger
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
cf-cache-status: HIT
age: 5680
expires: Tue, 29 Nov 2022 06:20:52 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77188da6ff95b50f-OSL
X-Firefox-Spdy: h2
bit.ly/3TljBtW
67.199.248.10 301 Moved Permanently 344 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ba3ea5fae3a08230aa69ad0497b53687
bdf20486e2b7a0b83af3de26dd2b453abac58c7c
bcf840a7eeef624251b5c32fd51b8f14429962a0891255795dbd361bb2f33b80
GET /3TljBtW HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYV_l2XNJKUiq1AXSbAuY_aev4JzrpBnQSqeuyKqSFIxtSWnoeDSJCfYuyjvNuqp5s4ZiVwr6YB4KbQukfz58Btc9_uiQ5KvY2uZQ68Z5dG9XglK4PFWDYgghaZifUkGeFFvLhuAbUZeaflNdphEgeC5U5c7tfai4xnIr8HSH1wmf2GxVlt1FxK6Qq/s1600/6.jpg
set-cookie: _bit=mat4kQ-6cbfba381b50ca7a72-00A; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 01afa847dd32f6a25f2ce6317bf1e5bb
180a7f43e5feb59d01e5a10e2f6ea82cb345121a
5acca38d8795a08161dedc2fb7fb3d919a144a8244a34f8ecdc3d5d916e15ff1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:20:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 08:16:26 GMT
Expires: Sat, 03 Dec 2022 08:16:25 GMT
Etag: "180a7f43e5feb59d01e5a10e2f6ea82cb345121a"
Cache-Control: max-age=359132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77188da60b4c1bfe-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 33c32f969ee9f2829bbb2a7a2301dcf5
866b6cb911a62ac24c42f9ec064f8204825c4e19
12aa5456fdca733b04e9131bad9a137e3bb9686ee8d613fce7e36ddf1adea935
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141384
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "63850dec-117"
Expires: Wed, 30 Nov 2022 19:37:16 GMT
Last-Modified: Mon, 28 Nov 2022 19:37:16 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 33c32f969ee9f2829bbb2a7a2301dcf5
866b6cb911a62ac24c42f9ec064f8204825c4e19
12aa5456fdca733b04e9131bad9a137e3bb9686ee8d613fce7e36ddf1adea935
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:52 GMT
Etag: "6383bc71-118"
Server: ECS (amb/6BB4)
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 04:11:13 GMT
cache-control: public,max-age=3600
age: 580
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4dkinghoki.me
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669695653.dop013.sk1.t,1669695653.cds261.sk1.hn,1669695653.cds210.sk1.c
X-Firefox-Spdy: h2
img.pay4d.info/live-evo.png
104.19.135.75 200 OK 1.9 kB URL HTTP/2 img.pay4d.info/live-evo.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5cb96d1f84e38795c3f22b92bc122592
34b8d1a7ec29283b962233ffc9a0dea48ba3a2e4
6c5acbaf9f4b55c013e541f7885469169bb34227ccb554f3501f82fa29c3b3c8
GET /live-evo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 1866
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5224
content-disposition: inline; filename="live-evo.webp"
last-modified: Wed, 23 Nov 2022 11:55:02 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da7c804b50f-OSL
X-Firefox-Spdy: h2
i.ibb.co/vQNwwS0/rtp-slot-gacor.gif
162.19.58.156 200 OK 2.8 MB URL HTTP/2 i.ibb.co/vQNwwS0/rtp-slot-gacor.gif
IP 162.19.58.156:0
File type GIF image data, version 89a, 300 x 300\012- data
Size 2.8 MB (2808910 bytes)
Hash b12aac9a201a711fd21420b44c6f8934
2edb6000fbf777e708220767ee46cfe3038c164f
802596a3b734705559b0d66c86402238c2a084b1de23acbc1f1616a7d518f678
GET /vQNwwS0/rtp-slot-gacor.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: image/gif
content-length: 2808910
last-modified: Fri, 23 Sep 2022 06:46:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
bit.ly/3FWU7zj
67.199.248.10 301 Moved Permanently 348 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8a44e704f448ef884da8a97e1ffba0f9
3182a3b37a870cf18a9b65d63dec90fe492d8589
08237d1b1ee7f4d9baa5f49f0c34ac423a37ddfce9b05df566964996c3b004a8
GET /3FWU7zj HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 348
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1TXm4y66F-dgmQjGiWUPAtDRCu5RzmkDahPZHjoZMdgJ3S7VvgRMpfY7Pn62XVPMI-McJx7SYwzaSmi5wfrDijcrgwN9N1UbfJGwAlBpfV5OjTFma6ZWYbwWuu6kk1cznhM1H7l6_SMRjWZI9sbHh9I0-aAbMflO0vdBCq73AgTKXcNJjzYNsSQ_m/s1600/1 (1).jpg
set-cookie: _bit=mat4kQ-5440339e8b90134c46-008; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img.pay4d.info/live-pp.png
104.19.135.75 200 OK 1.4 kB URL HTTP/2 img.pay4d.info/live-pp.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1f1aa38c5a91ca20b6bfdee9245eebc2
5f00a7a39257fc368e3fcaaf0b923f6a9fd49bcf
57d9d0b26be6a4ea6d8894ff8dab03ea2c4400155146d5380281f4a589966e65
GET /live-pp.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 1418
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7765
content-disposition: inline; filename="live-pp.webp"
last-modified: Fri, 26 Jun 2020 07:51:40 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da7c803b50f-OSL
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
151.101.85.229 200 OK 11 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (39553)
Hash 3d7736f3e0093bfcece832c8a1dced40
4421527237d7cf60ab3a8605e131d90370d59f8e
9bfb0fe335300ad7521ccc87e8a1d7be601958e3a9b9f0ea8f98cc7fa3946e70
GET /npm/bootstrap@3.4.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4dkinghoki.me
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.4.1
x-jsd-version-type: version
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 04:20:53 GMT
age: 17557929
x-served-by: cache-fra19167-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10942
X-Firefox-Spdy: h2
bit.ly/3Ss59ip
67.199.248.10 301 Moved Permanently 344 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d60519bd0d69544eea2fb9e62c0b7101
3f6a377ce31c6ba979078fa0ec33ca1fbe3ff864
31bba134dc1cef9662d5556e7cac729b1b9e0481958bf56c19801331f1778470
GET /3Ss59ip HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:52 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3Hr8IMEjok35wKNxeVhdg3KbC_U97QA8L89j_J5sUpb6zNsMlJusGnbU7-KQXesnWtrKCEcvrwgIAnmn15EUtnyP9O2_3tPwTKeUfqM78JqSNRDfyvQAPfpfyKy3jTQOMNgCpgMuATcv0n7cDEfp_kiR6izoEPESHUizErppp5r_C7elULH3y1-Ct/s1600/8.jpg
set-cookie: _bit=mat4kQ-01a01d95bfadc6ae52-00D; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img.pay4d.info/live-ion.png
104.19.135.75 200 OK 2.4 kB URL HTTP/2 img.pay4d.info/live-ion.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1a48e4a72414e5587b22eb4ac4ae959b
a3ac92a04917abab71a98503dcfff52be3af7cdb
e48ccb777ed57ca1eee701da53a8fa2d85b64639d0b8210e3160678e1753b144
GET /live-ion.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 2434
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="live-ion.webp"
last-modified: Fri, 26 Jun 2020 07:51:41 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da7c806b50f-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.91.37 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hb5n1mZF/m0rCvOlRlJxbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Syt3EbziMOPm5DT4WqQFSozXkyk=
bit.ly/3z2YhBg
67.199.248.10 301 Moved Permanently 344 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f4c402481c0ec4f5a1ef04cdab5a4cde
8a2f89a6ef6428c6eb5baadef7d5683db011acf8
b69350f6cd92c9796d842ce820553da044590baa125cbf0daa29ec480610f6ca
GET /3z2YhBg HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwCyKgLxFbY1NQIlt4GwYDZrU1qXhCQEWcH52ofktoh8tVT4QJ_KVzW4ofBvS2gi8zMa3okJZcur9rKLRtPe9suCDZhNJo6UBmfHVEI-iK-A6FxbWf4CesLGHoDZ0QSbJcj8KGG3LgJwCGM7I96LYLFtt6ge9TyTU3GkMkKR--t787j3Cod_zn6iyZ/s1600/7.jpg
set-cookie: _bit=mat4kR-5aeaf952f3e2416add-00L; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bit.ly/3TEq7vJ
67.199.248.10 301 Moved Permanently 344 B IP 67.199.248.10:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 580b347db345fa58756110af6f53be82
c12f607294a7a564b2634efcd057c01a7b6ca386
c7108d72b8afa24e0abce78bddf7a7217dd7996b46cbdc081cf20201b46e5e38
GET /3TEq7vJ HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private, max-age=90
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5Mu2G83EkVJWPU9KwT4N8HwEoPN7eBq4VMadIidUh0jtC9d8oQtzRk4otjCPTEA_cac-1nOUO09e_ZOhMD3SR68xllFs1cpRU84tmGXUlYh8MT13lHgtIikJGPwZhkrgS83E7jC46k9YNCW_-CQ3WcmKSZ44rvm9Wfj4KOOwFt5Bix3-hPTJ5xAlT/s1600/4.jpg
set-cookie: _bit=mat4kR-c8120c7257981d4da0-00s; Domain=bit.ly; Expires=Sun, 28 May 2023 04:20:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bdf8fcc67ef5a6697d5b9e25088bb9e1
d7390ff89e205cc059d4466a4dcdcb66f5726c0b
99aab94597be8e161f919be17ad0a5b286a3263147c323fbb1ba20354f5b6d12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5060
Cache-Control: max-age=166979
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:53 GMT
Etag: "63855e24-1d7"
Expires: Thu, 01 Dec 2022 02:43:52 GMT
Last-Modified: Tue, 29 Nov 2022 01:19:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
img.pay4d.info/live-mg.png
104.19.135.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/live-mg.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72
GET /live-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="live-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:43 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da87858b50f-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.pay4d.info/kontak/sms.png
104.19.135.75 200 OK 414 B URL HTTP/2 img.pay4d.info/kontak/sms.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab01bf284d3245dad051381855a39f35
51de83afc1fe4a2cba4aeb647d260a7e3fa32001
ab5418701d478deee3c36600c7d7101b44d902461008cecd4eef93d882eca238
GET /kontak/sms.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 414
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3655
content-disposition: inline; filename="sms.webp"
last-modified: Mon, 09 Sep 2019 19:19:33 GMT
vary: Accept
cf-cache-status: HIT
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70fabb50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-opus.png
104.19.135.75 200 OK 1.3 kB URL HTTP/2 img.pay4d.info/live-opus.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ff58f7baf1903414b9e121fa194c01a0
9686d2811e39d923e00d3573d187e84dda29fdba
d68d2439ada8dcdb278433a33da32e2659f34ce90cc7c9023180bbd3dd92f54a
GET /live-opus.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 1330
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4303
content-disposition: inline; filename="live-opus.webp"
last-modified: Fri, 26 Aug 2022 10:55:33 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da87859b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/kontak/fb.png
104.19.135.75 200 OK 300 B URL HTTP/2 img.pay4d.info/kontak/fb.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9daa0755bb1f7cbea82e2d506d355535
09438e3bc734c47538cf70f11dc8450dc3471ea5
b7216eb923bbb92bb47ea39c84e2f84a8fc7daad9bb77d9f89fa3528d3a59f78
GET /kontak/fb.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 300
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3295
content-disposition: inline; filename="fb.webp"
last-modified: Mon, 09 Sep 2019 19:19:33 GMT
vary: Accept
cf-cache-status: HIT
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da70facb50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-fishing-war.png
104.19.135.75 200 OK 4.2 kB URL HTTP/2 img.pay4d.info/fish-fishing-war.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5de4388ad28949bab321d81e8afd639b
320c986e3c630e937333639364dcf80ef7dc19a2
54d4dfa543f1b8e4c544ce229b644b2671722eca476c6b8cb9df759e2375561f
GET /fish-fishing-war.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 4158
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=10616
content-disposition: inline; filename="fish-fishing-war.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cf-cache-status: HIT
age: 5675
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d890b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-all.png
104.19.135.75 200 OK 2.5 kB URL HTTP/2 img.pay4d.info/live-all.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 80ab66e968b68828f745dbd67b94dfc8
18d70a225ba9f5c51d79d286178312966d339f76
bf207416b528a9c36145e5943266d17c909af991f3512d62636b85eb8232ab5f
GET /live-all.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 2548
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9511
content-disposition: inline; filename="live-all.webp"
last-modified: Mon, 07 Sep 2020 10:34:19 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d887b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-alien-hunter.png
104.19.135.75 200 OK 2.9 kB URL HTTP/2 img.pay4d.info/fish-alien-hunter.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 44ed1c2cb6486482db8d337636bd9494
7d7f1961857c405b2d72078ee512626a79ce2504
165db214f71fc24501cec62e40869ad284f2ef1fddae90933b570a605608b2a3
GET /fish-alien-hunter.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 2884
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9071
content-disposition: inline; filename="fish-alien-hunter.webp"
last-modified: Wed, 07 Jul 2021 11:05:14 GMT
vary: Accept
cf-cache-status: HIT
age: 5675
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d891b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-fishing-god.png
104.19.135.75 200 OK 4.1 kB URL HTTP/2 img.pay4d.info/fish-fishing-god.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a0948f83578f51b07453a73d2e7feb0e
0e3f824762ed0f79c93200f05b8b631535e62d50
294f599a73342736676eb2d36724e27f9ace65053d1eec0d5267318608dcb49d
GET /fish-fishing-god.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 4084
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8579
content-disposition: inline; filename="fish-fishing-god.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d88fb50f-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a7c182574908e8c0e35b381114cfd012
2053404f4e981653ae5e618e3a0b1a609d5054bf
f79639d25ccdded97e1463ce4441b3570c4091d8c56dbe19b358fe23989d91fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: max-age=153839
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:53 GMT
Etag: "63852729-1d7"
Expires: Wed, 30 Nov 2022 23:04:52 GMT
Last-Modified: Mon, 28 Nov 2022 21:24:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.195 200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://4dkinghoki.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 22:54:25 GMT
expires: Sat, 25 Nov 2023 22:54:25 GMT
cache-control: public, max-age=31536000
age: 278788
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.pay4d.info/banner/slide-evo.jpg
104.19.135.75 200 OK 95 kB URL HTTP/2 img.pay4d.info/banner/slide-evo.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb02c8af01265c17cd6bfa916b8590cd
87454568859bcc81562d916edd29f90c19259641
8fdc207822dfe9352613272cf9c76839eb1ab306e4bdd2446213f132cf3d4087
GET /banner/slide-evo.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 94810
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=153063
content-disposition: inline; filename="slide-evo.webp"
last-modified: Fri, 25 Nov 2022 06:26:29 GMT
vary: Accept
cf-cache-status: HIT
age: 5674
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d893b50f-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://4dkinghoki.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:03 GMT
expires: Thu, 23 Nov 2023 18:51:03 GMT
cache-control: public, max-age=31536000
age: 466190
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.pay4d.info/sport-saba.png
104.19.135.75 200 OK 3.2 kB URL HTTP/2 img.pay4d.info/sport-saba.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ca905a05925915a6aeae1dff933661ea
e4432529d8665c323809db7b6bd7fd1412862de2
27f3a57f120ec304c41c368c4ff779c9310968a53be66f0b1a1eb6a61d61629a
GET /sport-saba.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 3166
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8019
content-disposition: inline; filename="sport-saba.webp"
last-modified: Fri, 18 Nov 2022 07:12:18 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d88bb50f-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.195 200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://4dkinghoki.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 23:14:30 GMT
expires: Sat, 25 Nov 2023 23:14:30 GMT
cache-control: public, max-age=31536000
age: 277583
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.pay4d.info/live-sg.png
104.19.135.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/live-sg.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5fde10bbbfdf170112f4bc9859955ed5
e73a68c4221288b52a848a67801f9bcd387ba2ea
60bb4f59c40e9ef9f1d2be56a2a7324a8750e339de1efb9b96840314b8581628
GET /live-sg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 2814
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11259
content-disposition: inline; filename="live-sg.webp"
last-modified: Thu, 10 Dec 2020 08:44:39 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d889b50f-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
216.58.207.195 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9588, version 1.0\012- data
Hash 55d912c794126956bb1e8f41597c131f
f7ade582dbe9d0efe97ae105cab313c6e45904d4
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://4dkinghoki.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:49:46 GMT
expires: Fri, 24 Nov 2023 16:49:46 GMT
cache-control: public, max-age=31536000
age: 387067
last-modified: Tue, 19 Apr 2022 18:29:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.pay4d.info/sport-sbo.png
104.19.135.75 200 OK 2.6 kB URL HTTP/2 img.pay4d.info/sport-sbo.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6264eff1bd0d1cb19031119953556ab5
5ba02b770ec3c704549a90c1619624ab41afad29
5b4e3f622d5aec3c70df461c3aa9a3a4b200b2b8c92f0c13e0b03395bd655d51
GET /sport-sbo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 2566
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7368
content-disposition: inline; filename="sport-sbo.webp"
last-modified: Fri, 18 Nov 2022 07:12:18 GMT
vary: Accept
cf-cache-status: HIT
age: 5676
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d88db50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-zombie.png
104.19.135.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/fish-zombie.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 88304eeaf81e9ebd296a0d0e2ddb7be2
32c2c254dfa81406883e0507339c538a4af5ce3b
fab65eee93acd119c34e221f22ca4029d06a9fa9a5d93b56be894e4247ff7d81
GET /fish-zombie.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 2760
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9384
content-disposition: inline; filename="fish-zombie.webp"
last-modified: Thu, 05 Aug 2021 09:13:00 GMT
vary: Accept
cf-cache-status: HIT
age: 5674
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d892b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slide-pp-nv.jpg
104.19.135.75 200 OK 181 kB URL HTTP/2 img.pay4d.info/banner/slide-pp-nv.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 181 kB (181314 bytes)
Hash f05e4ec58442c20d7dcb6bf38f1856be
e1d63b5ffda7e54a46e97f0c3fb1548f6350f1d8
874343455cdd0ba9d33b598954a620e53ac23740ec5e584323df8a56efedc34e
GET /banner/slide-pp-nv.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 181314
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=267909
content-disposition: inline; filename="slide-pp-nv.webp"
last-modified: Mon, 21 Nov 2022 12:45:21 GMT
vary: Accept
cf-cache-status: HIT
age: 5674
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d896b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slider-wc-2022.jpg
104.19.135.75 200 OK 156 kB URL HTTP/2 img.pay4d.info/banner/slider-wc-2022.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 156 kB (156456 bytes)
Hash 9ae983754e7c56256e6f7cae8438ef58
04978cb727dbe83b821e9bfd1e890514363cd144
144ce72837f5bb04407c7b4ea75c956c1fd7b0affda81f14690b33e8a64c68b5
GET /banner/slider-wc-2022.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 156456
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=205412
content-disposition: inline; filename="slider-wc-2022.webp"
last-modified: Mon, 21 Nov 2022 12:44:35 GMT
vary: Accept
cf-cache-status: HIT
age: 5674
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d895b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slide-mg-dec.jpg
104.19.135.75 200 OK 149 kB URL HTTP/2 img.pay4d.info/banner/slide-mg-dec.jpg
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 149 kB (149274 bytes)
Hash 265e473e8f7e5eb3b308c1e987cb397d
0adb86a1dff882ddfa5000f93f76528ae3e6158b
f0ddd0ed56976938fd320181ff5455761b41cd88abcd460f196bce06b32cae42
GET /banner/slide-mg-dec.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 149274
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=212690
content-disposition: inline; filename="slide-mg-dec.webp"
last-modified: Mon, 21 Nov 2022 12:44:48 GMT
vary: Accept
cf-cache-status: HIT
age: 5673
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188da8d897b50f-OSL
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 1f183668f6f7e5a0ce0aa053dfd04a4f
8871f36a4147d786a43a3fc14ea022998040c45d
a464121bd461656e8e890636b196a617675fd53cbb1d6e65de46ed072be7de36
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:20:53 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1A3D5D0E5226A82489DEDA46B9A51A4CE11B5190"
Expires: Tue, 29 Nov 2022 16:00:00 GMT
Last-Modified: Tue, 29 Nov 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 692
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77188da97e3db503-OSL
cdn.livechatinc.com/tracking.js
23.36.79.17 200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash fdb3fbabc9d0fdd42c1230d360cd2d44
3968a4d120665750710b64068c0af871d1a149d5
b774ad6e513f484794d2f3985d3b42667e11c38c6def308bcce6b3d81ebff9c7
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:42 GMT
x-amz-version-id: XiT9l9I6GGKdmfwcYLWex5TUwoVUOWV5
server: AmazonS3
content-encoding: br
etag: W/"72abe41f23b1a5d3b25350cc7025a805"
vary: Accept-Encoding
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: D3KEkfL4U2Yk1ikvSs7spz9_JmtUYKdfxg54PQ9go4a6WarOC0Sz5A==
content-length: 26070
cache-control: max-age=28800
expires: Tue, 29 Nov 2022 12:20:53 GMT
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.wixstatic.com/media/920b3d_b125656fc1aa4854a8a6bd380e97c29a~mv2.gif
34.102.176.152 200 OK 64 kB URL HTTP/2 static.wixstatic.com/media/920b3d_b125656fc1aa4854a8a6bd380e97c29a~mv2.gif
IP 34.102.176.152:0
File type GIF image data, version 89a, 738 x 256\012- data
Hash 309afb212b1fcf641984c128c85561c9
f5d27adec78df591e184b7f16fcfbd356c02581c
58aacc1941517fd71dcbe3c8d84831ea756552abe50520a91c2ad39fee43e199
GET /media/920b3d_b125656fc1aa4854a8a6bd380e97c29a~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/gif
content-length: 63897
x-guploader-uploadid: ADPycdtxgVMrelFcYCPQlWbpVn-WhaKJua39F_7zrMPxNCfyokpOdkknutA7-VzqOWPwZgYBJK0DyNVa2bIxNgz8oNQE1w
expires: Tue, 29 Nov 2022 05:20:53 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Tue, 14 Jun 2022 12:17:34 GMT
etag: "309afb212b1fcf641984c128c85561c9"
x-goog-generation: 1655209054095329
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63897
x-goog-meta-wix-basic: eyJ3aWR0aCI6IDczOCwgImhlaWdodCI6IDI1NiwgImZvcm1hdCI6ICJnaWYiLCAiY29sb3JzcGFjZSI6ICJzUkdCIiwgIm9yaWVudGF0aW9uIjogMH0=
x-goog-meta-wix-generation: 0
x-goog-hash: crc32c=PCCxVw==, md5=MJr7ISsfz2QZhMEoyFVhyQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-765d45dbd8-tr4xq
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 01afa847dd32f6a25f2ce6317bf1e5bb
180a7f43e5feb59d01e5a10e2f6ea82cb345121a
5acca38d8795a08161dedc2fb7fb3d919a144a8244a34f8ecdc3d5d916e15ff1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:20:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 08:16:26 GMT
Expires: Sat, 03 Dec 2022 08:16:25 GMT
Etag: "180a7f43e5feb59d01e5a10e2f6ea82cb345121a"
Cache-Control: max-age=359131,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77188daa2c3b1bfe-OSL
img.pay4d.info/android.png
104.19.135.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/android.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0b02cd52bbd4c1164b94f9c21050e6be
8941f921796a98fc8fabb4c0cec157c34d4e4276
a7c62c2757c85f7b8edb8bddd7f3b0472c851452daceb20485ddffa6ea9703fb
GET /android.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 1096
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3351
content-disposition: inline; filename="android.webp"
last-modified: Sat, 30 Jan 2021 10:29:07 GMT
vary: Accept
cf-cache-status: HIT
age: 5672
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188dacca80b50f-OSL
X-Firefox-Spdy: h2
img.pay4d.info/dlandroid.png
104.19.135.75 200 OK 2.5 kB URL HTTP/2 img.pay4d.info/dlandroid.png
IP 104.19.135.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a74bb516386bf584bbcb42de349db17c
8bb9f72b4f8d077bbe7319cb341bd9ef7ea8136a
5ddce943f364942ee30b1398175472ab116b19119a3fa7eb2815944162ccfb51
GET /dlandroid.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
content-type: image/webp
content-length: 2520
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5781
content-disposition: inline; filename="dlandroid.webp"
last-modified: Wed, 11 Sep 2019 07:36:31 GMT
vary: Accept
cf-cache-status: HIT
age: 5673
expires: Tue, 29 Nov 2022 06:20:53 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 77188dad2aa8b50f-OSL
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13812945&url=https%3A%2F%2F4dkinghoki.me%2F&channel_type=code&jsonp=__nrbnpxwo4um
23.36.79.17 200 OK 230 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13812945&url=https%3A%2F%2F4dkinghoki.me%2F&channel_type=code&jsonp=__nrbnpxwo4um
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash f18313098b9456e64f4f80acc894ac96
ce85569259672687d87429ecb782bad8d236648e
e01677ce39d45642604e87d09116d9d4266422c2c103602dc8ef747ab0dde898
GET /v3.3/customer/action/get_dynamic_configuration?license_id=13812945&url=https%3A%2F%2F4dkinghoki.me%2F&channel_type=code&jsonp=__nrbnpxwo4um HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://4dkinghoki.me/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://4dkinghoki.me/
content-length: 230
date: Tue, 29 Nov 2022 04:20:53 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13812945&version=335.3.3.386.59.23.7.6.1.1.1.4.0&group_id=0&jsonp=__lc_static_config
23.36.79.17 200 OK 1.5 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13812945&version=335.3.3.386.59.23.7.6.1.1.1.4.0&group_id=0&jsonp=__lc_static_config
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4417), with no line terminators
Hash 054895d28efdffd3c899d489f40bcbc6
9d4004ff62797c3140eea79cf921be18527ccd70
e4da201b53431a7b63cb2ddfda31e646cef9172acd7130b11db492443e06269d
GET /v3.3/customer/action/get_configuration?license_id=13812945&version=335.3.3.386.59.23.7.6.1.1.1.4.0&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1492
cache-control: public, max-age=600
expires: Tue, 29 Nov 2022 04:30:54 GMT
date: Tue, 29 Nov 2022 04:20:54 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13812945&version=13159fb2ee05429e3ae48a4031b3d0e0&language=id&group_id=0&jsonp=__lc_localization
23.36.79.17 200 OK 4.0 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13812945&version=13159fb2ee05429e3ae48a4031b3d0e0&language=id&group_id=0&jsonp=__lc_localization
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11610), with no line terminators
Hash 64f54875fb1ea33bd3522216e43406bc
0337f503d9e0e1cc31d870f7feab515c2d2eda57
e3e9091c1ec31cba75b02c4f4637090404c4723f010f43a8ff6c02aa5e5be732
GET /v3.3/customer/action/get_localization?license_id=13812945&version=13159fb2ee05429e3ae48a4031b3d0e0&language=id&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Tue, 29 Nov 2022 04:30:54 GMT
date: Tue, 29 Nov 2022 04:20:54 GMT
content-length: 3981
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=13812945&group=0&embedded=1&widget_version=3&unique_groups=0
23.36.79.17 200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=13812945&group=0&embedded=1&widget_version=3&unique_groups=0
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 2af834d2c1666ed80bdf535ba7baf0cf
f83744b1d09476acd71ce975971ace5404982232
1727455617bd6865da97b3dfba29fae5b9b7f43662bf5b57d9bde8f5a987dc67
GET /customer/action/open_chat?license_id=13812945&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Tue, 29 Nov 2022 04:20:54 GMT
content-length: 2558
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
23.36.79.17 200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash 59df903a307f8661bd53313a1a1ec2dd
c1b075479edfeed640cea3038d08915f5eedb9a8
6a19cca29c349c638cdb3a4f5103fe14562c865fc49184f33770f0f87b87bb7c
GET /widget/static/js/0.0f55d8dd.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: KgvNFtC8e1Ondp6OM2DSbEHtkwN5kS2GkPwb0uCzLz2iu3P1-YllZA==
content-length: 14934
cache-control: max-age=31536000
expires: Wed, 29 Nov 2023 04:20:54 GMT
date: Tue, 29 Nov 2022 04:20:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
23.36.79.17 200 OK 66 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 524812952e0af015a7b1f7621b66446d
52de20770b835fc95c42ee8fb8c929ce889f1f41
9c6a9bc16e05afce31697dd6ef2530653501be1ea8af90e1905d9949d014a9ba
GET /widget/static/js/1.1e075a8f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: o8X.laUPCA4HbBkhv_.0.rtHv1UEzu8S
server: AmazonS3
content-encoding: br
etag: W/"add645219cc09aca44e90ff2cb69482a"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: wQvKSpsPRy26in0iJkcMTYfNv8UaYE7ghU0BTCtCVHFylj64oG5eMQ==
content-length: 66502
cache-control: max-age=31536000
expires: Wed, 29 Nov 2023 04:20:54 GMT
date: Tue, 29 Nov 2022 04:20:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
23.36.79.17 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Wed, 29 Nov 2023 04:20:54 GMT
date: Tue, 29 Nov 2022 04:20:54 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
23.36.79.17 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/static/js/iframe.5a8c73ef.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:45 GMT
x-amz-version-id: P0PTNAbmnutUEWx5JwIuKC0qV1oD8pjU
server: AmazonS3
content-encoding: br
etag: W/"662ab831ab34600ffa4072f565bdfd64"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 1Ip4wPazEkF_uHKhUPZDS0tSsxvZSsZmEMk6Zoy43CtXbndWYhSu6A==
content-length: 206714
cache-control: max-age=31536000
expires: Wed, 29 Nov 2023 04:20:54 GMT
date: Tue, 29 Nov 2022 04:20:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/favicon.png
151.139.128.10 200 OK 48 kB URL HTTP/2 4dkinghoki.me/favicon.png
IP 151.139.128.10:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash e50fad8da64b84507a51ed62555359cd
c9ece9e9308f6c227cbc98d35cca4bdef82da3d9
93ae19259c03e6a1ff0f273e5b077ef4823d8ff36fc2aa57460c9a7443060dbc
GET /favicon.png HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:54 GMT
etag: "1605078644"
cache-control: max-age=3600
content-length: 48205
content-type: image/png
last-modified: Wed, 11 Nov 2020 07:10:44 GMT
accept-ranges: bytes
server: Apache
x-hw: 1669695654.cds219.sk1.hn,1669695654.cds015.sk1.sc,1669695654.cds015.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5Mu2G83EkVJWPU9KwT4N8HwEoPN7eBq4VMadIidUh0jtC9d8oQtzRk4otjCPTEA_cac-1nOUO09e_ZOhMD3SR68xllFs1cpRU84tmGXUlYh8MT13lHgtIikJGPwZhkrgS83E7jC46k9YNCW_-CQ3WcmKSZ44rvm9Wfj4KOOwFt5Bix3-hPTJ5xAlT/s1600/4.jpg
142.250.74.33 200 OK 102 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5Mu2G83EkVJWPU9KwT4N8HwEoPN7eBq4VMadIidUh0jtC9d8oQtzRk4otjCPTEA_cac-1nOUO09e_ZOhMD3SR68xllFs1cpRU84tmGXUlYh8MT13lHgtIikJGPwZhkrgS83E7jC46k9YNCW_-CQ3WcmKSZ44rvm9Wfj4KOOwFt5Bix3-hPTJ5xAlT/s1600/4.jpg
IP 142.250.74.33:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 900x158, components 3\012- data
Size 102 kB (101651 bytes)
Hash 3a4a806391544ad7c649874b89a09740
677cd74694490d59bb8f1941233be004c25ca1e7
6949dc16f177e8eb2355d46b327233fc724019ca977b85708385385cb88b0a26
GET /img/b/R29vZ2xl/AVvXsEg5Mu2G83EkVJWPU9KwT4N8HwEoPN7eBq4VMadIidUh0jtC9d8oQtzRk4otjCPTEA_cac-1nOUO09e_ZOhMD3SR68xllFs1cpRU84tmGXUlYh8MT13lHgtIikJGPwZhkrgS83E7jC46k9YNCW_-CQ3WcmKSZ44rvm9Wfj4KOOwFt5Bix3-hPTJ5xAlT/s1600/4.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dkinghoki.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v43b"
expires: Wed, 30 Nov 2022 04:20:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:20:54 GMT
server: fife
content-length: 101651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3737
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:20:54 GMT
Connection: keep-alive
4dkinghoki.me/webdata.php?content=desktopapp
151.139.128.10 200 OK 93 kB URL HTTP/2 4dkinghoki.me/webdata.php?content=desktopapp
IP 151.139.128.10:0
Hash 44bbf88f25590ec4756c6c0adc402ac5
bb2feb9c8697bc51108ea5b138a8b864087d7e2b
437a417963634b051f04ce779eba4e442ad4472b8496a5bf6a8343b60dca4723
Analyzer Verdict Alert fortinet Phishing
GET /webdata.php?content=desktopapp HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-hw: 1669695653.cds219.sk1.hn,1669695653.cds253.sk1.sc,1669695653.cds253.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUpbi2VIHyKf9ZTnXIOH2L58bs0de_MLqfBYjRukiJ_-o4r-3KI3Ed9SLITfgve_JT5k7ibxqE0aX4PKkwbf9EOwg3WmSMDkYMlLQH3Kfo_k_8pT9Kc5zM0nEyIAZPWKS6Cf-XWxR3lV9JdEPEIInKtterBNwVvCPhmgDh40_QDPFrnD6jlVOtgf0B/s1600/9.jpg
142.250.74.33 200 OK 104 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUpbi2VIHyKf9ZTnXIOH2L58bs0de_MLqfBYjRukiJ_-o4r-3KI3Ed9SLITfgve_JT5k7ibxqE0aX4PKkwbf9EOwg3WmSMDkYMlLQH3Kfo_k_8pT9Kc5zM0nEyIAZPWKS6Cf-XWxR3lV9JdEPEIInKtterBNwVvCPhmgDh40_QDPFrnD6jlVOtgf0B/s1600/9.jpg
IP 142.250.74.33:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 900x158, components 3\012- data
Size 104 kB (103732 bytes)
Hash 743d37393ee977b952e5fd3a3dc8cab0
60528e5d957333e06c36e5dfa9a70bf998de2481
3e90f50fd560f714a015e96051d5ff660fdffb9dbfbe23b7f8a2bdcb4fe38c90
GET /img/b/R29vZ2xl/AVvXsEjUpbi2VIHyKf9ZTnXIOH2L58bs0de_MLqfBYjRukiJ_-o4r-3KI3Ed9SLITfgve_JT5k7ibxqE0aX4PKkwbf9EOwg3WmSMDkYMlLQH3Kfo_k_8pT9Kc5zM0nEyIAZPWKS6Cf-XWxR3lV9JdEPEIInKtterBNwVvCPhmgDh40_QDPFrnD6jlVOtgf0B/s1600/9.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dkinghoki.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v43e"
expires: Wed, 30 Nov 2022 04:20:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="9.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:20:54 GMT
server: fife
content-length: 103732
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3737
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:20:54 GMT
Connection: keep-alive
4dkinghoki.me/webdata.php?content=broadcast
151.139.128.10 200 OK 88 kB URL HTTP/2 4dkinghoki.me/webdata.php?content=broadcast
IP 151.139.128.10:0
Hash 8780e6018e51df29fed26da5771e379d
7d3b98d7cc99db4203a98677832c3f63ee5e2848
1679f9d74dc7e2fed1432820e603d4296af0dd1a33060aedc0c3a844130dd560
Analyzer Verdict Alert fortinet Phishing
GET /webdata.php?content=broadcast HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-hw: 1669695653.cds219.sk1.hn,1669695653.cds236.sk1.sc,1669695653.cds236.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3Hr8IMEjok35wKNxeVhdg3KbC_U97QA8L89j_J5sUpb6zNsMlJusGnbU7-KQXesnWtrKCEcvrwgIAnmn15EUtnyP9O2_3tPwTKeUfqM78JqSNRDfyvQAPfpfyKy3jTQOMNgCpgMuATcv0n7cDEfp_kiR6izoEPESHUizErppp5r_C7elULH3y1-Ct/s1600/8.jpg
142.250.74.33 200 OK 106 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3Hr8IMEjok35wKNxeVhdg3KbC_U97QA8L89j_J5sUpb6zNsMlJusGnbU7-KQXesnWtrKCEcvrwgIAnmn15EUtnyP9O2_3tPwTKeUfqM78JqSNRDfyvQAPfpfyKy3jTQOMNgCpgMuATcv0n7cDEfp_kiR6izoEPESHUizErppp5r_C7elULH3y1-Ct/s1600/8.jpg
IP 142.250.74.33:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 900x158, components 3\012- data
Size 106 kB (106367 bytes)
Hash aabbd9851a52ad40a9097219ee502572
fffafd16a95f0eea4752667367495e76edcb337a
d3c15a0b23ad822d2a7ade7a6713fb742ae72e65d3d33e08e39d9cb1204a11de
GET /img/b/R29vZ2xl/AVvXsEj3Hr8IMEjok35wKNxeVhdg3KbC_U97QA8L89j_J5sUpb6zNsMlJusGnbU7-KQXesnWtrKCEcvrwgIAnmn15EUtnyP9O2_3tPwTKeUfqM78JqSNRDfyvQAPfpfyKy3jTQOMNgCpgMuATcv0n7cDEfp_kiR6izoEPESHUizErppp5r_C7elULH3y1-Ct/s1600/8.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dkinghoki.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v43e"
expires: Wed, 30 Nov 2022 04:20:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:20:54 GMT
server: fife
content-length: 106367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYV_l2XNJKUiq1AXSbAuY_aev4JzrpBnQSqeuyKqSFIxtSWnoeDSJCfYuyjvNuqp5s4ZiVwr6YB4KbQukfz58Btc9_uiQ5KvY2uZQ68Z5dG9XglK4PFWDYgghaZifUkGeFFvLhuAbUZeaflNdphEgeC5U5c7tfai4xnIr8HSH1wmf2GxVlt1FxK6Qq/s1600/6.jpg
142.250.74.33 200 OK 94 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYV_l2XNJKUiq1AXSbAuY_aev4JzrpBnQSqeuyKqSFIxtSWnoeDSJCfYuyjvNuqp5s4ZiVwr6YB4KbQukfz58Btc9_uiQ5KvY2uZQ68Z5dG9XglK4PFWDYgghaZifUkGeFFvLhuAbUZeaflNdphEgeC5U5c7tfai4xnIr8HSH1wmf2GxVlt1FxK6Qq/s1600/6.jpg
IP 142.250.74.33:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 900x158, components 3\012- data
Hash af3baea2a3506d5acdfbd8fecde834de
b9c976cdf0023ab879d0d1bce7a29e2831a50c9d
81070682b2fbee863ebed323d2465144952a7da03826ca23c48fc12b0d57150b
GET /img/b/R29vZ2xl/AVvXsEjYV_l2XNJKUiq1AXSbAuY_aev4JzrpBnQSqeuyKqSFIxtSWnoeDSJCfYuyjvNuqp5s4ZiVwr6YB4KbQukfz58Btc9_uiQ5KvY2uZQ68Z5dG9XglK4PFWDYgghaZifUkGeFFvLhuAbUZeaflNdphEgeC5U5c7tfai4xnIr8HSH1wmf2GxVlt1FxK6Qq/s1600/6.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dkinghoki.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v43e"
expires: Wed, 30 Nov 2022 04:20:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:20:54 GMT
server: fife
content-length: 94016
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4dkinghoki.me/webdata.php?content=mobileapp
151.139.128.10 200 OK 98 kB URL HTTP/2 4dkinghoki.me/webdata.php?content=mobileapp
IP 151.139.128.10:0
Hash f169574e7e03a2f7d93eab9f1eb04fe7
3390de9dc48707a2ca9d735830a3ec87aaf590af
4b64277dcb1d4197008e67a408f6f2f0d7de3b84e3b06f0c468a18222ca74533
Analyzer Verdict Alert fortinet Phishing
GET /webdata.php?content=mobileapp HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-hw: 1669695653.cds219.sk1.hn,1669695653.cds205.sk1.sc,1669695653.cds205.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:45:02 GMT
age: 84952
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3737
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:20:54 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1TXm4y66F-dgmQjGiWUPAtDRCu5RzmkDahPZHjoZMdgJ3S7VvgRMpfY7Pn62XVPMI-McJx7SYwzaSmi5wfrDijcrgwN9N1UbfJGwAlBpfV5OjTFma6ZWYbwWuu6kk1cznhM1H7l6_SMRjWZI9sbHh9I0-aAbMflO0vdBCq73AgTKXcNJjzYNsSQ_m/s1600/1%20(1).jpg
142.250.74.33 200 OK 58 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1TXm4y66F-dgmQjGiWUPAtDRCu5RzmkDahPZHjoZMdgJ3S7VvgRMpfY7Pn62XVPMI-McJx7SYwzaSmi5wfrDijcrgwN9N1UbfJGwAlBpfV5OjTFma6ZWYbwWuu6kk1cznhM1H7l6_SMRjWZI9sbHh9I0-aAbMflO0vdBCq73AgTKXcNJjzYNsSQ_m/s1600/1%20(1).jpg
IP 142.250.74.33:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 900x158, components 3\012- data
Hash 5570867a0a8b86f15b3bc11ce27cbd83
89d5160089eb4f48c6b815c8c06f374aa9c842b1
88ac2f6d27069073d77be97a5aae8ff42f2174205c8be13de7b83dcceb899d0a
GET /img/b/R29vZ2xl/AVvXsEj1TXm4y66F-dgmQjGiWUPAtDRCu5RzmkDahPZHjoZMdgJ3S7VvgRMpfY7Pn62XVPMI-McJx7SYwzaSmi5wfrDijcrgwN9N1UbfJGwAlBpfV5OjTFma6ZWYbwWuu6kk1cznhM1H7l6_SMRjWZI9sbHh9I0-aAbMflO0vdBCq73AgTKXcNJjzYNsSQ_m/s1600/1%20(1).jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dkinghoki.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v443"
expires: Wed, 30 Nov 2022 04:20:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1 (1).jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:20:54 GMT
server: fife
content-length: 57569
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c76e3c4cc159bda9b9e887fcd449ba51
12d90c36bd455b3b859fdb761b6ed49ea9f98f80
fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10445
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvuDGHaIAMFn_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:31:14 GMT
age: 49780
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwCyKgLxFbY1NQIlt4GwYDZrU1qXhCQEWcH52ofktoh8tVT4QJ_KVzW4ofBvS2gi8zMa3okJZcur9rKLRtPe9suCDZhNJo6UBmfHVEI-iK-A6FxbWf4CesLGHoDZ0QSbJcj8KGG3LgJwCGM7I96LYLFtt6ge9TyTU3GkMkKR--t787j3Cod_zn6iyZ/s1600/7.jpg
142.250.74.33 200 OK 93 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwCyKgLxFbY1NQIlt4GwYDZrU1qXhCQEWcH52ofktoh8tVT4QJ_KVzW4ofBvS2gi8zMa3okJZcur9rKLRtPe9suCDZhNJo6UBmfHVEI-iK-A6FxbWf4CesLGHoDZ0QSbJcj8KGG3LgJwCGM7I96LYLFtt6ge9TyTU3GkMkKR--t787j3Cod_zn6iyZ/s1600/7.jpg
IP 142.250.74.33:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 900x158, components 3\012- data
Hash 2cc5023744f76d2cbf009d8e6b56cc50
c2accbddc93fd1a5086731bfddabac2b3e99da16
0f14a2d4f632ad5936a594676081aae934887f3e7d9253717161cac1c607dbc3
GET /img/b/R29vZ2xl/AVvXsEgwCyKgLxFbY1NQIlt4GwYDZrU1qXhCQEWcH52ofktoh8tVT4QJ_KVzW4ofBvS2gi8zMa3okJZcur9rKLRtPe9suCDZhNJo6UBmfHVEI-iK-A6FxbWf4CesLGHoDZ0QSbJcj8KGG3LgJwCGM7I96LYLFtt6ge9TyTU3GkMkKR--t787j3Cod_zn6iyZ/s1600/7.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dkinghoki.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v43d"
expires: Wed, 30 Nov 2022 04:20:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:20:54 GMT
server: fife
content-length: 92590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5049b423-1bbd-4caa-891e-b46234fc1a6a.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5049b423-1bbd-4caa-891e-b46234fc1a6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df665be3ae1347cb9bb1443a6a1a33e6
e0617845684a8f7586b37e8be8976bbe6a93563e
15155df8643daa0408633922e15691a3b00b393ee433e1162cf031024e84d0a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5049b423-1bbd-4caa-891e-b46234fc1a6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: 22ec3d7a-91f5-4b67-9621-a93b1e5d09e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYejFKxoAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-34ffa40356825a715a7eb5cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GBeOUYK49uZurdS8v-Fmimf_GDcBqDR6hlZ7eRaMeGjs0iEeIvhIWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:34:57 GMT
age: 2757
etag: "e0617845684a8f7586b37e8be8976bbe6a93563e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: 265257bd-0177-4e63-879b-e9f99d0d16c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTZANFW2oAMFlyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63846ecd-6767ccde3361eb593108603d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 08:18:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntQPVFK12XqhVCMlaq0oIDx7k6e2xQdp1Y67W1nG6ayhG1XFekz5CQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:53:30 GMT
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
age: 66444
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEgKDNy1X7EHk7CsPCmUM5SxPi9tr8cCTWWpUxCRLDCebun-2Q9uXBc0ZKtOCtBLIMhRLdO8S02jdjDNrrIBBIjDTc1w3Rto2nse9wLjUA4Y93_BdECqWK3daBqd1s6dSjzbHOZsZqkLY8SHvcs0DWduwl3UOJEGCBS50t80gSUO2KZfsMmNfuK4pY2H
142.250.74.33 200 OK 11 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgKDNy1X7EHk7CsPCmUM5SxPi9tr8cCTWWpUxCRLDCebun-2Q9uXBc0ZKtOCtBLIMhRLdO8S02jdjDNrrIBBIjDTc1w3Rto2nse9wLjUA4Y93_BdECqWK3daBqd1s6dSjzbHOZsZqkLY8SHvcs0DWduwl3UOJEGCBS50t80gSUO2KZfsMmNfuK4pY2H
IP 142.250.74.33:0
File type PNG image data, 200 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 781c70d03298a74069dac2affde79ece
118eea5c5733a88104b73d6198923c0515f4b5de
24b5d040bc68e51e141b80c6e3cd6eab1ce2f0f7300728e5a3baa039bb32ac7d
GET /img/a/AVvXsEgKDNy1X7EHk7CsPCmUM5SxPi9tr8cCTWWpUxCRLDCebun-2Q9uXBc0ZKtOCtBLIMhRLdO8S02jdjDNrrIBBIjDTc1w3Rto2nse9wLjUA4Y93_BdECqWK3daBqd1s6dSjzbHOZsZqkLY8SHvcs0DWduwl3UOJEGCBS50t80gSUO2KZfsMmNfuK4pY2H HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dkinghoki.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v246"
expires: Wed, 30 Nov 2022 04:20:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="link alte.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:20:54 GMT
server: fife
content-length: 11000
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 3763
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 74572
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhAbE84b4Zy3tnFHu8pI5x2EiQwBQ9OO5mpig2Bs2PWCn_KZ5wNjl7wEyz11q60z1UvrTOkrlWd9STKfH5HTIzBS73BLYAWFIH7g_V8dBdZoaPSURZ6zGcXbTgo7SVCrYqxBEnNeMi1H0gBxnoCmRw_eZZY-uIkfY5YAcr6F_E2SSvYKjIMwBp1R9J/s1600/LUCKY%20SPIN.gif
142.250.74.33 200 OK 1.2 MB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhAbE84b4Zy3tnFHu8pI5x2EiQwBQ9OO5mpig2Bs2PWCn_KZ5wNjl7wEyz11q60z1UvrTOkrlWd9STKfH5HTIzBS73BLYAWFIH7g_V8dBdZoaPSURZ6zGcXbTgo7SVCrYqxBEnNeMi1H0gBxnoCmRw_eZZY-uIkfY5YAcr6F_E2SSvYKjIMwBp1R9J/s1600/LUCKY%20SPIN.gif
IP 142.250.74.33:0
File type GIF image data, version 89a, 250 x 250\012- data
Size 1.2 MB (1231395 bytes)
Hash 6e8fd1492ed8a6d2f71a3111bf65f9ab
2c8f8c1f413b7b450c697f61e5f1f3ee652f14bf
864e779fc5cff924ef5d0e3549b6e35a645b67997a98ebd37b406b351767ea51
GET /img/b/R29vZ2xl/AVvXsEhhAbE84b4Zy3tnFHu8pI5x2EiQwBQ9OO5mpig2Bs2PWCn_KZ5wNjl7wEyz11q60z1UvrTOkrlWd9STKfH5HTIzBS73BLYAWFIH7g_V8dBdZoaPSURZ6zGcXbTgo7SVCrYqxBEnNeMi1H0gBxnoCmRw_eZZY-uIkfY5YAcr6F_E2SSvYKjIMwBp1R9J/s1600/LUCKY%20SPIN.gif HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4dkinghoki.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v445"
expires: Wed, 30 Nov 2022 04:20:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LUCKY SPIN.gif"
content-type: image/gif
vary: Origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 04:20:54 GMT
server: fife
content-length: 1231395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=13812945
23.36.79.16 101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=13812945
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=13812945 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rapu/S5S5Ud0Wxnq8oI0gw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: vd4slEcs/Rwv+Mts5l91J8xI25M=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Tue, 29 Nov 2022 04:20:54 GMT
Upgrade: websocket
Connection: Upgrade
accounts.livechatinc.com/customer/token
23.36.79.17 200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 1a0d6bdb591329085d79808d8b5da7b5
6b3b8c45a505cc19044b29ff0b30c6b67b735f73
e87a8df6be8064fc50275c0cbb073b15084c7016aeb38cfb2f2944fa02a65a39
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Tue, 29 Nov 2022 04:20:54 GMT
set-cookie: __lc_cid=fd94313f-ed8b-458e-4b6d-d2585b3cfa6f; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 29 Nov 2024 04:20:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=cdcae94e8779078c4caceb253fb72f8ccf8b60643163ef82840f374caf0a5c2c1d3daa5c77df5f7e6737b546006fa36d37103a55d7bfbae4418dcb405f11; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 29 Nov 2024 04:20:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=fd94313f-ed8b-458e-4b6d-d2585b3cfa6f; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 29 Nov 2024 04:20:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=cdcae94e8779078c4caceb253fb72f8ccf8b60643163ef82840f374caf0a5c2c1d3daa5c77df5f7e6737b546006fa36d37103a55d7bfbae4418dcb405f11; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 29 Nov 2024 04:20:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1669695684&tag=5a794fa63d7f58475af8fff2367710b14b4b9ef5; Path=/; Expires=Tue, 29 Nov 2022 04:21:24 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F13812945%2F0%2Fec%2F86ec81176f34d50255cb184afec3e798.gif
23.36.79.17 200 OK 7.2 MB URL HTTP/2 cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F13812945%2F0%2Fec%2F86ec81176f34d50255cb184afec3e798.gif
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 360 x 360\012- data
Size 7.2 MB (7193873 bytes)
Hash cd33990f490057aa3920b7df500a409d
593dffde49fb4ccafd38b6f3b2176790e553842e
18049841cb516a683a99f7caf37f0c28887c1bdc01223a0c5c625eea60ffdce6
GET /cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F13812945%2F0%2Fec%2F86ec81176f34d50255cb184afec3e798.gif HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
content-length: 7193873
access-control-allow-origin: *, *
content-type: image/gif
cache-control: public, max-age=63071999
expires: Thu, 28 Nov 2024 04:20:55 GMT
date: Tue, 29 Nov 2022 04:20:56 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
IP 142.250.74.10:0
GET /css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 04:20:52 GMT
date: Tue, 29 Nov 2022 04:20:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4dkinghoki.me/m/capimg.php?2922
151.139.128.10 200 OK 0 B URL HTTP/2 4dkinghoki.me/m/capimg.php?2922
IP 151.139.128.10:0
GET /m/capimg.php?2922 HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds207.sk1.sc,1669695653.cds207.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/webdata.php?status=time
151.139.128.10 200 OK 0 B URL HTTP/2 4dkinghoki.me/webdata.php?status=time
IP 151.139.128.10:0
Analyzer Verdict Alert fortinet Phishing
GET /webdata.php?status=time HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-hw: 1669695653.cds219.sk1.hn,1669695653.cds201.sk1.sc,1669695653.cds201.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/
151.139.128.10 200 OK 0 B IP 151.139.128.10:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:52 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
x-frame-options: Deny
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
set-cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0; path=/
x-hw: 1669695651.cds219.sk1.hn,1669695651.cds262.sk1.sc,1669695652.cds262.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
4dkinghoki.me/capimg.php?2756
151.139.128.10 200 OK 0 B URL HTTP/2 4dkinghoki.me/capimg.php?2756
IP 151.139.128.10:0
Analyzer Verdict Alert fortinet Phishing
GET /capimg.php?2756 HTTP/1.1
Host: 4dkinghoki.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4dkinghoki.me/
Cookie: PHPSESSID=gcu20oaiataq4cre49d4ucg0o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:20:53 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-hw: 1669695652.cds219.sk1.hn,1669695652.cds246.sk1.sc,1669695653.cds246.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2