3.hpyub.live/jefanya-store
185.252.232.248 301 Moved Permanently 242 B URL HTTP/1.1 3.hpyub.live/jefanya-store
IP 185.252.232.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9f8cdf9050d66d10835ff0df813090ca
b05b466e7b878a21485d92ef4df5edbd74c562ec
1111df3d5a25e89492c7515e59b8de93b3d0f8f02bd054e88ab5f06e6ba54b08
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /jefanya-store HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 24 Jan 2023 06:44:20 GMT
Server: Apache
Location: http://3.hpyub.live/jefanya-store/
Content-Length: 242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11440
Expires: Tue, 24 Jan 2023 09:55:00 GMT
Date: Tue, 24 Jan 2023 06:44:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14368
Expires: Tue, 24 Jan 2023 10:43:48 GMT
Date: Tue, 24 Jan 2023 06:44:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 06:42:42 GMT
content-type: application/json
age: 98
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8685
Expires: Tue, 24 Jan 2023 09:09:05 GMT
Date: Tue, 24 Jan 2023 06:44:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 02Nc81P0PsUtYc2jw8ZTVvyS18GioIds4JhSyO0JIWaMIMaUlLA8myn3FzAn89pMc+W6SUPuoNsLz4KZo+qRIA==
x-amz-request-id: C39V0HK620AJS398
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 05:48:01 GMT
age: 3379
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/
185.252.232.248 200 OK 23 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/
IP 185.252.232.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (358)
Hash 5f0b63a9f731142cbdc700688c899b29
ad74baea49665462b9ad057b486e758c58c14041
e75596d0bb8d405aee56b4e62ffe7e603c9120546d4c360ed4163449f440e143
Analyzer Verdict Alert fortinet Phishing
GET /jefanya-store/ HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:20 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 06:44:20 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/css/style.css
185.252.232.248 200 OK 14 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/css/style.css
IP 185.252.232.248:0
File type assembler source, ASCII text
Hash 67d22a695643fdcf40f83d4d4c7c8f4d
445d5638cae73da76c1d2e690ea55cc97ab5ab13
a95834527df98351f655f70a7d2ab900b5984d2765616426e34c7814284c1c06
GET /jefanya-store/css/style.css HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 14357
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2779519
expires: Sun, 14 Jan 2024 06:44:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eY5ae62HGw60IEUf0xiPCj1Kos7XHfFwGGXk4NsuCnZQfZJ5Ykzn3CGIbDocjlyRNVQAGu9eGhoQkYIIVclQSrvHDd9INU6Jgfuiw%2FRINiMogbrMhg5aFOafzKDz8lGCyDRxo%2Bcr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78e6ccd03ce5b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/css/login/facebook.css
185.252.232.248 200 OK 3.8 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/css/login/facebook.css
IP 185.252.232.248:0
Hash 81796f04bffdba6fc88ce6774be45d59
02c03c3d9852ed71c5f8cc2600340953032cb407
cfa13c4473f3da0663674244a677e9724960e89e48d05eafa66176d567e669c9
GET /jefanya-store/css/login/facebook.css HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 3767
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 8d21d2558eeb388eb558037eeed4425f
be86ec7afc7ad2689070a8d3b70f8294857fe9b9
6e27735043b51d87079b1880c13e710a8cae766dd85794289bac929e2b4e5627
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Last-Modified: Tue, 24 Jan 2023 05:02:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
3.hpyub.live/jefanya-store/js/showHide.js
185.252.232.248 200 OK 1.0 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/js/showHide.js
IP 185.252.232.248:0
Hash 40de30da8791ff682d7e8c32557c6c58
e41b0994f2f25c9bad62674ca3daafce3284400e
74e109af273287d0adfbb205d50cc85daa2dd98824afbc21495b989f8c2260f4
Analyzer Verdict Alert fortinet Phishing
GET /jefanya-store/js/showHide.js HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 1033
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
3.hpyub.live/jefanya-store/css/login/twitter.css
185.252.232.248 200 OK 2.5 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/css/login/twitter.css
IP 185.252.232.248:0
Hash 3b36fac79ca457324420097e2b664e48
6b8b07a659d4c34a8a102eee6a775664657f86d0
7e74f535f1a3abf790579ac128b658e82027b4487643419c61b47e4d61aae01d
GET /jefanya-store/css/login/twitter.css HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 2549
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
3.hpyub.live/jefanya-store/js/script.js
185.252.232.248 200 OK 4.7 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/js/script.js
IP 185.252.232.248:0
Hash 08735a1f343ed3a7d46f7b5afbcf0e70
a30a821eaca01beb999f6477fa3658f63c9b0fe3
5fb438e931fa145db1ff5e453d5b1580608feaf87215b5dd03590eb6300340d7
Analyzer Verdict Alert fortinet Phishing
GET /jefanya-store/js/script.js HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 4665
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
3.hpyub.live/jefanya-store/js/Nizam.js
185.252.232.248 404 Not Found 315 B URL HTTP/1.1 3.hpyub.live/jefanya-store/js/Nizam.js
IP 185.252.232.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /jefanya-store/js/Nizam.js HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 404 Not Found
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
code.jquery.com/jquery-1.10.2.min.js
69.16.175.10 200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32072)
Hash 68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 06:44:21 GMT
content-encoding: gzip
content-length: 32788
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CNWYvp4GEocBCiQ0MmZhZjk2Zi05NTM1LTQ1MWEtYmVmMS1kYTZlMjZkZmY5NjEQ+OiCoKvU+wIaBgjF/L2eBiIMOTEuOTAuNDIuMTU0KKGXAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkOTM5YWZkZGUtMGRmOS00ZjM4LTk2ODAtOGNmZTc0ZjkwMjIzGJSAAiIYCAISFGNkczI0My5zazEuaHdjZG4ubmV0.LyKMTB3RJivQcjbw/kbaA7soNO0+enbfKUYJl8rjK/k=
x-hw: 1674542661.dop226.sk1.t,1674542661.cds229.sk1.hn,1674542661.cds243.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.hpyub.live/jefanya-store/css/animate.css
185.252.232.248 200 OK 78 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/css/animate.css
IP 185.252.232.248:0
Hash 8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
GET /jefanya-store/css/animate.css HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 77906
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.106 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32061)
Hash b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 22:44:55 GMT
expires: Wed, 17 Jan 2024 22:44:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 547166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.106 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 15:04:40 GMT
expires: Fri, 19 Jan 2024 15:04:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 401981
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/img/popup-close.png
185.252.232.248 200 OK 625 B URL HTTP/1.1 3.hpyub.live/jefanya-store/img/popup-close.png
IP 185.252.232.248:0
File type PNG image data, 34 x 34, 8-bit colormap, non-interlaced\012- data
Hash b89e12db403cb8e341c5e2518ae7a582
58c28094d0163546a6a32b68cf7fa367d87eb27e
f3361c7789695badb59f4e22bc1fbc3eee819c299a8b7b9400e7843d40126919
GET /jefanya-store/img/popup-close.png HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 625
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
3.hpyub.live/jefanya-store/img/lok3.jpg
185.252.232.248 200 OK 162 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/lok3.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, software=PicsArt, height=0, datetime=2023:01:02 14:47:02, orientation=upper-left, width=0], baseline, precision 8, 720x564, components 3\012- data
Size 162 kB (162064 bytes)
Hash f31176a50eddd82ccf37b39a8c5cafd0
119b09f7b80f229359f784c6cedc50083a09fa52
80838da258853af5736ef7d3f1d91d9565de86a57698b77c8ae93921f526941a
GET /jefanya-store/img/lok3.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 162064
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/lvl5.jpg
185.252.232.248 200 OK 54 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/lvl5.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=576, software=PicsArt, orientation=upper-left, datetime=2022:12:15 12:10:15, width=720], baseline, precision 8, 720x576, components 3\012- data
Hash 67bb97c75c97e51034d5af7a50114b3f
aded13d2fc4de6afffb4c73cf15a106e6ce31e02
4ae9c939bd7545304f5f53e76ceb15f41043694770becc7906fbf0c71483af86
GET /jefanya-store/img/lvl5.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 54366
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 8d21d2558eeb388eb558037eeed4425f
be86ec7afc7ad2689070a8d3b70f8294857fe9b9
6e27735043b51d87079b1880c13e710a8cae766dd85794289bac929e2b4e5627
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Last-Modified: Tue, 24 Jan 2023 05:02:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
3.hpyub.live/jefanya-store/img/rewards/10zx.jpg
185.252.232.248 200 OK 72 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/10zx.jpg
IP 185.252.232.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1090x1059, components 3\012- data
Hash 774e924ed68eef6f1abadcabf1dbb3e2
70e657b8819ef7b138456993ad8e7fbbc813a46f
f38ebeeef5c76c6b21fd46f7ae183d422bbd334e123d7d396109cc6b497c4210
GET /jefanya-store/img/rewards/10zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 71882
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
i.postimg.cc/66bK3tfJ/Amod.png
162.19.88.68 200 OK 86 kB URL HTTP/2 i.postimg.cc/66bK3tfJ/Amod.png
IP 162.19.88.68:0
File type PNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash c984d71cd905f49da568e4065129d87e
659edc07148f7197cdf025bd0ed9ac1d296f9131
c428adc61eebb6d5fb1fab43436b08fc12d7c63419f435395e436babd0adf789
GET /66bK3tfJ/Amod.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: image/png
content-length: 86253
last-modified: Wed, 17 Aug 2022 14:47:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/img/lvl4.jpg
185.252.232.248 200 OK 132 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/lvl4.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=958, software=PicsArt, orientation=upper-left, datetime=2022:12:15 12:39:38, width=720], baseline, precision 8, 720x958, components 3\012- data
Size 132 kB (131973 bytes)
Hash 70da4025aabe020aeebd697f5a0dd91d
fd9b4118677f4f2219db692862f4b50539138a97
a9496321a06b516b6afc0a6d47fedb4222678a22cf454b67572a75560e5ab86f
GET /jefanya-store/img/lvl4.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 131973
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/lok4.jpg
185.252.232.248 200 OK 171 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/lok4.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, software=PicsArt, height=0, datetime=2023:01:02 15:04:28, orientation=upper-left, width=0], baseline, precision 8, 720x522, components 3\012- data
Size 171 kB (171191 bytes)
Hash 484e03544d66ceadf19430978b623fb6
328fd9430c17b6a631b915112c5e112cc3cb46c7
106faed134ed5329cc1776a9b31252a2703b41f64c97708e4db9d33776c71eb5
GET /jefanya-store/img/lok4.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 171191
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/popup-footer6.png
185.252.232.248 200 OK 252 B URL HTTP/1.1 3.hpyub.live/jefanya-store/img/popup-footer6.png
IP 185.252.232.248:0
File type PNG image data, 600 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash 86115524ea384057e51101865034426e
18464626dc0e625c126993b7d26a4e1f61f828fd
d6951ece4fdb285ec5490e597e38a4158355a47de1946b086ed71fd9cec10274
GET /jefanya-store/img/popup-footer6.png HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/css/style.css
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 252
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
3.hpyub.live/jefanya-store/img/rewards/7zx.jpg
185.252.232.248 200 OK 286 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/7zx.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=1059, software=PicsArt, orientation=upper-left, datetime=2023:01:03 00:04:35, width=1090], baseline, precision 8, 1090x1059, components 3\012- data
Size 286 kB (286353 bytes)
Hash b52f3241d5bceece4c939c5b2fb910a9
63224cc50c0be3b42f4d5dfbcf04437ea485cb0e
4658899057a8e79b58cd2c1bf0dcb17871377b70754b73e11eb8ce99380bac3e
GET /jefanya-store/img/rewards/7zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 286353
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/rewards/8zx.jpg
185.252.232.248 200 OK 268 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/8zx.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=1059, software=PicsArt, orientation=upper-left, datetime=2023:01:03 00:08:25, width=1090], baseline, precision 8, 1090x1059, components 3\012- data
Size 268 kB (267475 bytes)
Hash 03fdaaa3b165ed9a2a0014cf477f6c0b
217f1fcb31b02a5b61f4c837d6ce21807ea14141
a785afd505f2cc2f99c58d306a8c201516722bcfde10f2158cc3a697b71d4ea7
GET /jefanya-store/img/rewards/8zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 267475
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/lok2.jpg
185.252.232.248 200 OK 171 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/lok2.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, software=PicsArt, height=0, datetime=2023:01:10 22:24:38, orientation=upper-left, width=0], baseline, precision 8, 720x612, components 3\012- data
Size 171 kB (170626 bytes)
Hash b895b292dccf2ca84535d0ce8b08c635
eabcd4908a664145ca000ce1991ab17484c5d87e
33613e98bbb214bbdcd0a64660f74190dacdd646043583feba3ea06564ae74ec
GET /jefanya-store/img/lok2.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 170626
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/lok1.jpg
185.252.232.248 200 OK 279 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/lok1.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, software=PicsArt, height=0, datetime=2023:01:05 08:12:48, orientation=upper-left, width=0], baseline, precision 8, 1080x857, components 3\012- data
Size 279 kB (279189 bytes)
Hash e346bd514167445d63fbf08d1aae2df3
48056e3c3250b2eba445e7f89d04f7cb61920a53
f861c521dd124415de40e1c0920267f472ed398405ac85b6adf6810ead7d902c
GET /jefanya-store/img/lok1.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 279189
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/lvl1.jpg
185.252.232.248 200 OK 269 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/lvl1.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=720, software=PicsArt, orientation=upper-left, datetime=2022:12:15 12:05:54, width=776], baseline, precision 8, 776x720, components 3\012- data
Size 269 kB (268613 bytes)
Hash f4917157ac716fb95c3bb960998d9411
65d445ca2a9d5e41a54b5ec22a290f50c290e4b4
84122d6cb23fae9420208378a1444ba8e56c918a77f1159ce4ba46ed91364d07
GET /jefanya-store/img/lvl1.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 268613
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.106 200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.106:0
Hash 48ffdb0bb66c799cb7ded864a3b0e737
09856a7cb60d3915acf7f44cf30c72d4d2792087
150ccac3eee7f27eec823a667bf0935288dffb9bbccc5a8167a8135d8fd3a3a5
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Jan 2023 06:44:21 GMT
date: Tue, 24 Jan 2023 06:44:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/js/Nizam.js
185.252.232.248 404 Not Found 315 B URL HTTP/1.1 3.hpyub.live/jefanya-store/js/Nizam.js
IP 185.252.232.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /jefanya-store/js/Nizam.js HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 404 Not Found
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
3.hpyub.live/jefanya-store/img/rewards/2zx.jpg
185.252.232.248 200 OK 95 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/2zx.jpg
IP 185.252.232.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1090x1059, components 3\012- data
Hash 614e96e9a92e72f88f082b42323eb66d
22b2cf6976f5ef72ebc40393a93fc4448774e4b6
649a3a132812d4b6fdb572c17697c6ca28792a173b4521c53f44b3f81eed07d7
GET /jefanya-store/img/rewards/2zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 95264
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
i.postimg.cc/8z99QCGw/20220817-215258.png
162.19.88.68 200 OK 671 kB URL HTTP/2 i.postimg.cc/8z99QCGw/20220817-215258.png
IP 162.19.88.68:0
File type PNG image data, 1280 x 471, 8-bit/color RGBA, non-interlaced\012- data
Size 671 kB (670727 bytes)
Hash 0bb82873b3a3250469aa294d1ac0b210
fc806cfcde5a319779692105481322b7a09fb343
52561945862e047415d62f6a792a16bcf6aa4c6e73402c2d8848d52b29d0216a
GET /8z99QCGw/20220817-215258.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: image/png
content-length: 670727
last-modified: Wed, 17 Aug 2022 14:53:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/img/rewards/1zx.jpg
185.252.232.248 200 OK 105 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/1zx.jpg
IP 185.252.232.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1090x1059, components 3\012- data
Size 105 kB (104900 bytes)
Hash c0219c6becfebc405bb28e0ae2190888
54b7d1e84eb972a79f6c77d19621a460aad2915d
6b0f5fb9587a896b7b87e6020aaa6e088081ffa71aff3e79d37bff58df170323
GET /jefanya-store/img/rewards/1zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 104900
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/rewards/3zx.jpg
185.252.232.248 200 OK 66 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/3zx.jpg
IP 185.252.232.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1090x1059, components 3\012- data
Hash 9bcfeb6217df88f62d368893d83d8ea2
705c5052c25397b3344f941b1a0c7551dba5153d
04d41ef3bc910f67a1a7416bcf0618718bf3e8d40b62e6b70a943a992956c3e5
GET /jefanya-store/img/rewards/3zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 65650
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
142.250.74.35 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Hash 5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.hpyub.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 18:38:44 GMT
expires: Mon, 22 Jan 2024 18:38:44 GMT
cache-control: public, max-age=31536000
age: 129937
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/img/rewards/11zx.jpg
185.252.232.248 200 OK 64 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/11zx.jpg
IP 185.252.232.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1090x1059, components 3\012- data
Hash 5aa19f7053556955648bfe9647bca27f
096caef486f309538a4e188e34984fafbd446b0f
31517e1aaaaeae1bcd14e7f1d3d2cc39c712d71ecb5f07cdc6dc780df6f66eef
GET /jefanya-store/img/rewards/11zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 64314
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/rewards/12zx.jpg
185.252.232.248 200 OK 48 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/12zx.jpg
IP 185.252.232.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1090x1059, components 3\012- data
Hash 0ad4f19d286acdeb5e0783cc222d64dd
cbc495956aa9f050cd451ca881f9d0c6803a9cf7
d4899511bcf37d2c2a7bab094894de870791023b4250dd79879399e4a202fc4d
GET /jefanya-store/img/rewards/12zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 48305
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/contoll.jpg
185.252.232.248 200 OK 9.7 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/contoll.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=469, software=PicsArt, orientation=upper-left, datetime=2022:12:15 12:57:12, width=352], baseline, precision 8, 352x469, components 3\012- data
Hash 11310cae91cae0cd362b88712ac9bffa
4474f7c81d32e79f2652e3eb9494ff61d95a4fdc
9eb701dcc49fca89372a03dc8b7998a1eaae3883364bcd90b479d46daf28d24b
GET /jefanya-store/img/contoll.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 9736
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.35 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.hpyub.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 21:07:45 GMT
expires: Mon, 22 Jan 2024 21:07:45 GMT
cache-control: public, max-age=31536000
age: 120996
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/img/event-theme01.png
185.252.232.248 200 OK 47 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/event-theme01.png
IP 185.252.232.248:0
File type PNG image data, 1280 x 166, 8-bit/color RGBA, non-interlaced\012- data
Hash 490e0b8bb9f336f61a270f5b1a807d8a
a31d551a0878a89fb23a56b85b1e914da3aeeb02
880b2b6193e4ced1e184afee803f60e886352e3af9410400d563926035df5cf8
GET /jefanya-store/img/event-theme01.png HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/css/style.css
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 46845
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
3.hpyub.live/jefanya-store/img/rewards/9zx.jpg
185.252.232.248 200 OK 170 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/9zx.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=1059, software=PicsArt, orientation=upper-left, datetime=2023:01:03 00:10:07, width=1090], baseline, precision 8, 1090x1059, components 3\012- data
Size 170 kB (170180 bytes)
Hash 5e711b5f2794fc279831e6cc4507cdf9
403d4f187ca334ccf56828c5a28eae47b1b4af1b
cb0aa005aeab5b05a9557ab8a591c47e99fba077564af52dffa84898eb8a36ce
GET /jefanya-store/img/rewards/9zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 170180
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.10.207 200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.hpyub.live
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 63589ff80739c92ca0f8c3e90ca04504
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e6ccd29836b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/img/btn_mmx.jpg
185.252.232.248 200 OK 70 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/btn_mmx.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=[*0*], width=0], baseline, precision 8, 679x382, components 3\012- data
Hash 9ba45134d3d80b2d02ec2b340be32802
12bd2268e0ba81673edcc57d6478f22a3450863b
fd1a460d63cbbc99468089a42c68c6a81d52591f0fa7fb22f6e3280989e734bc
GET /jefanya-store/img/btn_mmx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/css/style.css
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 69644
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/alert.jpg
185.252.232.248 200 OK 70 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/alert.jpg
IP 185.252.232.248:0
File type PNG image data, 645 x 123, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cfefdf37501193ddb59518b81f634be
bf1c712d83400ae46d877c57b97dcb1ae3892646
babdad149dc8f352c09cf36f5fb531775b5fe9d6897a3a4c6ea017893b7277ef
GET /jefanya-store/img/alert.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 69490
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
i.ibb.co/Wg8qQxh/facebook-text.png
162.19.58.160 200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 162.19.58.160:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/img/popup-navbar1.png
185.252.232.248 200 OK 252 B URL HTTP/1.1 3.hpyub.live/jefanya-store/img/popup-navbar1.png
IP 185.252.232.248:0
File type PNG image data, 600 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash 86115524ea384057e51101865034426e
18464626dc0e625c126993b7d26a4e1f61f828fd
d6951ece4fdb285ec5490e597e38a4158355a47de1946b086ed71fd9cec10274
GET /jefanya-store/img/popup-navbar1.png HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/css/style.css
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 252
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
i.ibb.co/V9rgBqw/twitter-text.png
162.19.58.160 200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 162.19.58.160:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
3.hpyub.live/jefanya-store/img/popup-box-bg153.png
185.252.232.248 200 OK 115 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/popup-box-bg153.png
IP 185.252.232.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1624x721, components 3\012- data
Size 115 kB (115200 bytes)
Hash 71055522b1c3b8d13a745c041ee54153
f1ec376bba6831d292c51ef34300436938e95e3a
4c161e4b5613d8e41bd3906bb31dff7945fc8261d795ea4d6d2b4ae00f89d5de
GET /jefanya-store/img/popup-box-bg153.png HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/css/style.css
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 115200
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
3.hpyub.live/jefanya-store/img/rewards/4zx.jpg
185.252.232.248 200 OK 224 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/4zx.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=1059, software=PicsArt, orientation=upper-left, datetime=2023:01:10 19:23:13, width=1090], baseline, precision 8, 1090x1059, components 3\012- data
Size 224 kB (224138 bytes)
Hash 095f6c6d9cab367bed6a1be4e2b5e1e1
591c5e301530d96816b65448f79c0e5c01c68660
d1943d80aa452ed3607171b1f4dd816c0e066f6e92cdd2f356663a04f8b949a3
GET /jefanya-store/img/rewards/4zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 224138
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/log.jpg
185.252.232.248 200 OK 54 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/log.jpg
IP 185.252.232.248:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3\012- data
Hash 4511c6cadf17a4d5a00887af7ec3f804
094331f330f8f361d7caef2363f02516c7e3fd0e
e18e70580a9943863f8a143e4d1eea7fa213ed4e82a735b70540390d4fa8202f
GET /jefanya-store/img/log.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 53812
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
3.hpyub.live/jefanya-store/img/rewards/5zx.jpg
185.252.232.248 200 OK 296 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/5zx.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=1059, software=PicsArt, orientation=upper-left, datetime=2023:01:10 19:17:56, width=1090], baseline, precision 8, 1090x1059, components 3\012- data
Size 296 kB (295562 bytes)
Hash 68b8880be1ffd97acc7481dd2f6edd23
1767e3edd7013e3e5f8ad25b28531cb84f32a096
e36189bd83d3f3ca61a29875d5ae8374b6b972a6e2acddec1bc2ede81a0010c5
GET /jefanya-store/img/rewards/5zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 295562
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 99c7f36a1fcbd7e7645f17340e217ba2
1ea5c4b1f5e861f01f54583805006a6d6dbaf122
f64943dca81faf70d09003038998b5caf7738c7c386c1c549fa00f38174024d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F64943DCA81FAF70D09003038998B5CAF7738C7C386C1C549FA00F38174024D4"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1956
Expires: Tue, 24 Jan 2023 07:16:57 GMT
Date: Tue, 24 Jan 2023 06:44:21 GMT
Connection: keep-alive
3.hpyub.live/jefanya-store/img/rewards/6zx.jpg
185.252.232.248 200 OK 224 kB URL HTTP/1.1 3.hpyub.live/jefanya-store/img/rewards/6zx.jpg
IP 185.252.232.248:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=1059, software=PicsArt, orientation=upper-left, datetime=2022:11:10 12:57:06, width=1090], baseline, precision 8, 1090x1059, components 3\012- data
Size 224 kB (223550 bytes)
Hash c393ed2152d199f913399f1f4b79e154
ccee9de3b421f375e102b6656e77939fe22eb6c4
8326457d60cb46cb65c7ae1d2e233eefe831182e660815623b1c5e23415b440a
GET /jefanya-store/img/rewards/6zx.jpg HTTP/1.1
Host: 3.hpyub.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3.hpyub.live/jefanya-store/
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:44:21 GMT
Server: Apache
Last-Modified: Sat, 21 Jan 2023 23:58:52 GMT
Accept-Ranges: bytes
Content-Length: 223550
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 99c7f36a1fcbd7e7645f17340e217ba2
1ea5c4b1f5e861f01f54583805006a6d6dbaf122
f64943dca81faf70d09003038998b5caf7738c7c386c1c549fa00f38174024d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F64943DCA81FAF70D09003038998B5CAF7738C7C386C1C549FA00F38174024D4"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1956
Expires: Tue, 24 Jan 2023 07:16:57 GMT
Date: Tue, 24 Jan 2023 06:44:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 99c7f36a1fcbd7e7645f17340e217ba2
1ea5c4b1f5e861f01f54583805006a6d6dbaf122
f64943dca81faf70d09003038998b5caf7738c7c386c1c549fa00f38174024d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F64943DCA81FAF70D09003038998B5CAF7738C7C386C1C549FA00F38174024D4"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1956
Expires: Tue, 24 Jan 2023 07:16:57 GMT
Date: Tue, 24 Jan 2023 06:44:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 99c7f36a1fcbd7e7645f17340e217ba2
1ea5c4b1f5e861f01f54583805006a6d6dbaf122
f64943dca81faf70d09003038998b5caf7738c7c386c1c549fa00f38174024d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F64943DCA81FAF70D09003038998B5CAF7738C7C386C1C549FA00F38174024D4"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1956
Expires: Tue, 24 Jan 2023 07:16:57 GMT
Date: Tue, 24 Jan 2023 06:44:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 06:17:31 GMT
age: 1610
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 25 Jan 2023 06:21:01 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Tue, 24 Jan 2023 08:44:21 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 25 Jan 2023 06:21:01 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Tue, 24 Jan 2023 08:44:21 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 25 Jan 2023 06:21:01 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Tue, 24 Jan 2023 08:44:21 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 25 Jan 2023 06:21:01 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Tue, 24 Jan 2023 08:44:21 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1767
Cache-Control: max-age=96714
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:44:21 GMT
Etag: "63ce4e28-1d7"
Expires: Wed, 25 Jan 2023 09:36:15 GMT
Last-Modified: Mon, 23 Jan 2023 09:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.171 200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=270
expires: Tue, 24 Jan 2023 06:48:52 GMT
date: Tue, 24 Jan 2023 06:44:22 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.49.139 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.49.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NjuRI9ksgretI4KeSGhztg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5BOW8faYLMkODCD5y/KwcZk0bAc=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5144
Expires: Tue, 24 Jan 2023 08:10:07 GMT
Date: Tue, 24 Jan 2023 06:44:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5144
Expires: Tue, 24 Jan 2023 08:10:07 GMT
Date: Tue, 24 Jan 2023 06:44:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5144
Expires: Tue, 24 Jan 2023 08:10:07 GMT
Date: Tue, 24 Jan 2023 06:44:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5144
Expires: Tue, 24 Jan 2023 08:10:07 GMT
Date: Tue, 24 Jan 2023 06:44:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5144
Expires: Tue, 24 Jan 2023 08:10:07 GMT
Date: Tue, 24 Jan 2023 06:44:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04af13ec975466fc3ef272576a3f152d
da2919e43cb4870ec1069a317a92972efeecf6a7
927033473cf2325ea89714abce53a15e95a0445982f974796e92d92b677e7ce5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: 219af615-0af6-4614-912a-a92081806773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyw-GPpIAMFo4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6c-14cfd71a76ab5e5251061abf;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TFKy0afTWU8uW8Dgz1Cj11okMsTKfpBm8gx8v1ZDPg7a-lEWXaVA3g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:10 GMT
age: 31693
etag: "da2919e43cb4870ec1069a317a92972efeecf6a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:36:21 GMT
age: 7682
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 056caf4190dfd50ec8ccd4c81906a3aa
a913fcf6f7e4250c70ea97e55d0f1cce5b144c50
1747b399960d4953c1154e1185afd9429f519799ac443e486042bd64b31183ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7768
x-amzn-requestid: 1acc401a-ede6-4079-8bdc-cbee1b1bfab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-BF4coAMF72A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca859-32a96bef2c041ade5f0fb021;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQdVgDJdzOOTheWCkW74fbZMHZGsmvf87nNgpanQMVWIbpYBnwCUNg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:27:39 GMT
age: 8204
etag: "a913fcf6f7e4250c70ea97e55d0f1cce5b144c50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 462fc1946b8dbae49aa3cf22291fc707
400c6dc7973b36a5d3e43cc3b439da49ab6c76b5
88e13373963e8427baa4cdf19909eb297aafe035ec0376cbed6d4f4fa45dbd32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4381
x-amzn-requestid: 528fddee-8bac-466a-8f82-3d5bffab7ca4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFpFghoAMFSPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-63f97c8409b808910ce8f50a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: USeM1Ot6q0_lK_EdmyYfmyH-Aklt_yek7fg9ayjlDCPS9KobKbHCjA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:59 GMT
age: 31644
etag: "400c6dc7973b36a5d3e43cc3b439da49ab6c76b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:59:05 GMT
age: 31518
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c29ea116f715297b757c81dab8d1b5f3
6aae9d763dec58740cdfbfe46f6c69986b81414d
09afde8ec60dd1471e0ce33ed11ae4542b6813ad02e2abf037629a8ae5cfe240
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12102
x-amzn-requestid: 54ba881d-c54b-49fa-a5b3-20b8d80f2a35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrNG1AIAMFxTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-1acbf1c34a4dbfdd506d3383;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ies4Oa0AiQaj9sEkpSZ-WZHMiRVYMV6IeLWDWq_G69cwBYi-RuKLGQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:08:04 GMT
age: 30979
etag: "6aae9d763dec58740cdfbfe46f6c69986b81414d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3.hpyub.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 06:44:21 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 19989415
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e6ccd08ed70b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2