tei.ai/lHInJhR
104.21.12.229301 Moved Permanently 0 B IP 104.21.12.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lHInJhR HTTP/1.1
Host: tei.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 10:31:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 02 Dec 2022 11:31:21 GMT
Location: https://tei.ai/lHInJhR
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BaHh3dpO9H%2Fx1RU%2B1P4AIXEpvtSDcJAfJD0MRf18klt7t36oN%2FpQh5gvqD1FJy%2BvwlWrDn2hYt9d66AmeDvyBqr%2FMA0Og9khxGWYMQlATDHvT7IIkSDGFY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77336479be5f0b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12036
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 10:31:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9001
Expires: Fri, 02 Dec 2022 13:01:23 GMT
Date: Fri, 02 Dec 2022 10:31:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3567
Cache-Control: max-age=89957
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:22 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:30:39 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cM47jJGH2MnIM+9hQdCTye+2FaeuLmLbEaZIJIlzghQs3FMg5An+AA2YktG4S9DkboiUKIK6kBw=
x-amz-request-id: SCYK4QPNEKDDJVX9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 09:46:39 GMT
age: 2683
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 10:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 791
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a0b0d752b39c9a34d6efa8596c43c4b3
765775a81c3c88ea6aa80e844679dac61f5c40d5
d4c1f74298abf013c87b7a419fd15b0e969675259a52278384084655ef0f79fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=88911
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:22 GMT
Etag: "63888c49-117"
Expires: Sat, 03 Dec 2022 11:13:13 GMT
Last-Modified: Thu, 01 Dec 2022 11:13:13 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 10:11:15 GMT
cache-control: public,max-age=3600
age: 1207
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3555
Cache-Control: max-age=171287
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:22 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:06:09 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a0b0d752b39c9a34d6efa8596c43c4b3
765775a81c3c88ea6aa80e844679dac61f5c40d5
d4c1f74298abf013c87b7a419fd15b0e969675259a52278384084655ef0f79fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=88911
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:22 GMT
Etag: "63888c49-117"
Expires: Sat, 03 Dec 2022 11:13:13 GMT
Last-Modified: Thu, 01 Dec 2022 11:13:13 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dfae1fb52e7edbc2ef8a5e47f64f37df
af7b2d46e1cdf40ac3dd8fe9b6d0a0edb1259ff1
d5991b9025271986b6b467a9ed53614972aeb0dddf3d11c94ed61ac9ff05d7ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1778
Cache-Control: max-age=169143
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:22 GMT
Etag: "6389bec0-117"
Expires: Sun, 04 Dec 2022 09:30:25 GMT
Last-Modified: Fri, 02 Dec 2022 09:00:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
54.149.51.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n0O4RLaU6uYrMAwA/FgU8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: No/piwd05bePBI06c3EPK0fvZDw=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10500
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 10:31:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10500
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 10:31:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10500
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 10:31:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10500
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 10:31:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 16236
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 44506
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 45688
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KnOx0PJ8BR9OoAzXfuWk_Je_yawqzY4isC0hYTZRvJ74YiVs8jqyIQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:25:42 GMT
age: 43542
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:21:56 GMT
age: 76168
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 46590
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dfae1fb52e7edbc2ef8a5e47f64f37df
af7b2d46e1cdf40ac3dd8fe9b6d0a0edb1259ff1
d5991b9025271986b6b467a9ed53614972aeb0dddf3d11c94ed61ac9ff05d7ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4202
Cache-Control: max-age=171565
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:24 GMT
Etag: "6389bec0-117"
Expires: Sun, 04 Dec 2022 10:10:49 GMT
Last-Modified: Fri, 02 Dec 2022 09:00:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 37 kB IP 142.250.74.131:0
Hash 72991b9fe1c682a1c68e35f139994394
222c12c2e5eb31e582b5c741727a9440ac9f125c
41d54f61b67415ddefa73bb9b2d410cdc4cdf958d502fefd3fb4977c25c5954a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7977d77878f89bf1d00b8fad2958437c
0aa7b8267f9dd920306b2243e4c80db6017b3a20
703a8e3a5fed2901a85410fdb06b9ef69716da2d172aaf48adc620d22576d5f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "703A8E3A5FED2901A85410FDB06B9EF69716DA2D172AAF48ADC620D22576D5F2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1876
Expires: Fri, 02 Dec 2022 11:02:40 GMT
Date: Fri, 02 Dec 2022 10:31:24 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-113561579-8
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-113561579-8
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 4180b07de2aae2bd793f20114a78aa7a
b439a3d32f6ddc243087192b7127650937ac52f9
db43db97f2c9a883ee019a84ac256ede13bc3c63769a9a51e0f630bd56d27351
GET /gtag/js?id=UA-113561579-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 10:31:24 GMT
expires: Fri, 02 Dec 2022 10:31:24 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afef193560ee99e920d7216738ef5a01
3a648d5a9edad7f694fd8c063159a5d1dacf2133
9019858a2a32dbadf2ee7d4a561876a7471429518fc946dfb96f2339cfabe924
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9019858A2A32DBADF2EE7D4A561876A7471429518FC946DFB96F2339CFABE924"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16706
Expires: Fri, 02 Dec 2022 15:09:50 GMT
Date: Fri, 02 Dec 2022 10:31:24 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 51 kB IP 142.250.74.131:0
Hash 1d932495790c3fcdc940dbe01bf90a58
25d00d530260939a94ee4f5f00573f905829c72b
a3a0c25df80478583481728a1fc88145138ce414e9e874810487243f748fd4bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4bfc2e9793ddc456322d579e5c4173ce
5e36a7ff4b24fc47a0e277ef15eeb5bdd9f80a81
292a80dd653a7d7d3a7c0bc1fa7f2b6a7f1bdff2dd599b362995c8875fd75e60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5422
Cache-Control: max-age=140052
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:25 GMT
Etag: "63893ee3-117"
Expires: Sun, 04 Dec 2022 01:25:37 GMT
Last-Modified: Thu, 01 Dec 2022 23:55:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ckk.ai/lHInJhR
188.114.96.1200 OK 100 kB IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63089), with CRLF, LF line terminators
Hash 27c90102f75f33c7844a6ba46cf6a703
d1913bf7caa9ec50d84154686cbcd5cae41e3218
ba387c3815a48cb78bd79deefb26990fad9c332698c392e23f6edda4a98cc757
GET /lHInJhR HTTP/1.1
Host: ckk.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Dec 2022 10:31:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=6f1c6b03a68fa7e8c0a5ade84a108735; path=/; HttpOnly; secure
reflHInJhR=ZjJlNTQxNTJlY2IwMzZjMDE0MzVkYTU4ZDQ0ODg5MzhkMzIwMTE3MDlhNjExNWZmMDEyNGQ4MjFmY2JmZTA2M%2BuWZqZu2AMKHe53Q9dDCWcnfaaJRqRQ4TRjiDixBJyq; expires=Fri, 02-Dec-2022 10:36:23 GMT; Max-Age=300; path=/; HttpOnly; secure
csrfToken=a0e4416436edac422192d12ae4bcabcd3b15f232173fed4df54ce00e15d7a5e2d1d356c314a922bbd065dd037a56fa54d321b7118742bca0ffdb3f428dee54c2; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRKjB4c2k%2FBP5h0CqoCR%2BjAi4%2Bx4Bqp%2B%2BzPO4TIiZsBVudnDYwMMrrSlgYoaQZEnqQ5G3Q66ApJFFyG7ldyXfOmygNk3CXaJWVLRz9NdaELUAGRylsrECRE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773364804da9b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d1888f57699b437a1df1e2ba3475ace9
47cb0908f6b5b459a4ea595992658cd9fd7f82eb
cf89e61a6aeb1d50d21db23276450d454d30c33c36a7a6df82d153ec643489d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF89E61A6AEB1D50D21DB23276450D454D30C33C36A7A6DF82D153EC643489D0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8474
Expires: Fri, 02 Dec 2022 12:52:39 GMT
Date: Fri, 02 Dec 2022 10:31:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84b8b1043a96c760a6b85bc0b3265b85
d9f0338ffcd6cfb3c96bc66966b898d33162f204
e24a64d19f091946caed011ebcf469be2d35168aa12f90b02d9c1c9326afd867
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E24A64D19F091946CAED011EBCF469BE2D35168AA12F90B02D9C1C9326AFD867"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11441
Expires: Fri, 02 Dec 2022 13:42:06 GMT
Date: Fri, 02 Dec 2022 10:31:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7310d73783ea4b8c991bf436e753582c
d2d3b66c3f54161b07fad0594b434f4f39300142
c4dd5243c7d4b36cef8c8d621a5456e04147c99239706d0b0576fe847c18ca6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4DD5243C7D4B36CEF8C8D621A5456E04147C99239706D0B0576FE847C18CA6C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Fri, 02 Dec 2022 11:48:55 GMT
Date: Fri, 02 Dec 2022 10:31:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ae362dcfc36c65824b06b3a446b76018
80f0c3404430a097f1c013ca2691d93db7da3dc9
23af03564e7b0e00f5136a553591440f4dfe606515e0c8929f6f895f89e22273
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6240
Cache-Control: max-age=171094
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:25 GMT
Etag: "6389b4f3-116"
Expires: Sun, 04 Dec 2022 10:02:59 GMT
Last-Modified: Fri, 02 Dec 2022 08:18:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
tzegilo.com/stattag.js
104.21.84.149200 OK 5.5 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash b8d1c6f584455a67ff9199ea755f7dbe
82a25206c899e59b1505c7cac2211ab22a945e82
6eca01023b17159ae76243bbc3c38f4492bdf77092e8d60b70c5fb49c903e6bc
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 821
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTNQvuTmYSvS3j1aW86nA0tYa%2BNxzUioN0eFtLkAATDiEhVzBOft%2FqwXupjhy%2BB98c2ZdrvcvTgGxGjMkhogexDQ%2FUPsB2nA7SvioCcdIzz35s52cJuNnRYgzMs2gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7733648f8d80b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upgulpinon.com/27/1ead059fa749da4c72410ffa55976f24
139.45.197.242200 OK 124 kB URL HTTP/2 upgulpinon.com/27/1ead059fa749da4c72410ffa55976f24
IP 139.45.197.242:0
Size 124 kB (123940 bytes)
Hash bbae3817524442a75aa7b8b15ceac7fc
c8130825d9013eca915e8650310545e9d098938c
19883f82a21208b6034ceabc74c0e80b6ebe8b83a3a90b6acf261c75e026f6eb
GET /27/1ead059fa749da4c72410ffa55976f24 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=8f98aa93febf498b99923907ea9aee97; oaidts=1669977084
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 02 Dec 2022 03:31:44 GMT
expires: Fri, 01 Jan 2083 03:31:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13903
Expires: Fri, 02 Dec 2022 14:23:08 GMT
Date: Fri, 02 Dec 2022 10:31:25 GMT
Connection: keep-alive
iclickcdn.com/tag.min.js
104.26.12.118200 OK 26 kB IP 104.26.12.118:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f86db375c02fc49aec9f7e6544cc44a6
e68996e17faf5a5e6a63a9f8d3b9811c8484a731
22b465ecd3a84bbcbbac079df57882e73231bd066d134ff73f3e9fb064d42486
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: b32d03b7214a2e7ff2fefb3615a54e08
cache-control: max-age=86400
last-modified: Thu, 01 Dec 2022 14:00:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 03 Dec 2022 06:04:07 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 16038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srKWfRmkpI5YhtzgZs26w%2FgJptmYwpo6k1SHblbtm3zP5jbI7dIzxBCOFVEvjHAVI2Pi5pb9qqazJz2I8WkU34E9R2b0CsxScz5Boiq0AbJm7WOBqkunsaXNKo7%2BqBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7733648d58afb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 75ce90bda678ae2cad0350c65677c2f5
e884d68bf5c67bc7cc4357cf5238c27aed2f922d
7c9551068f35ec2075262639e8f895ae716d996ebbe3b971da7fbf3546edca68
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c65cff9ca6c4476ca341b24ef9e0fd13; expires=Sat, 02 Dec 2023 10:31:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
forfrogadiertor.com/400/5533285
139.45.197.239200 OK 98 kB URL HTTP/2 forfrogadiertor.com/400/5533285
IP 139.45.197.239:0
Hash 7147721af5418a5b202755615dd34265
2c2bc6de358c512730f2b1195fecf970f1b52e50
4763b9bd43b50f22bddcd099b801187887d7e0604274ec29f8587ed2f58ba3cd
GET /400/5533285 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/javascript
x-trace-id: bfd77a26be94f0d2094e0c71d378f3b9
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f2ca0beb8d1c484081035bd20fa2c1bb; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e7f182bc423c8e0b694072f316dfbf3c
cea3572598e1b5c8c5249cabf5ea99e56dc7e02d
02b4ac24bfa51f27fc2e507fb5d923751a9f6566eb98f3b8255a7d05f42d85c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 10:31:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 12:52:22 GMT
Expires: Thu, 08 Dec 2022 12:52:21 GMT
Etag: "cea3572598e1b5c8c5249cabf5ea99e56dc7e02d"
Cache-Control: max-age=526255,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77336491ed78b4e8-OSL
upgulpinon.com/1?z=5324394
139.45.197.242200 OK 6.9 kB URL HTTP/2 upgulpinon.com/1?z=5324394
IP 139.45.197.242:0
Hash dee36ae185c1d72ef3ccdc898e31b7f7
34493459d99f0e48b0b211bc44e67a6787f45cd3
f932153fa5d9d82b3266ac7c7d18e34d1deab5ffa8d28094d84012904c1e70f6
GET /1?z=5324394 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:24 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8c7ac54d1e19dc466dc966078545d908
access-control-expose-headers: X-Sc
x-sc: x5pEtc8qMl_ZU5555flpuAjcw6Vd2d-E4Wb_Bn7Z1RRgGKFAYejtXuy2YyDaR3gQXLIFHlXl8Aq9ESD-_AzNbcAdX1g=
set-cookie: scm=1; expires=Sat, 02 Dec 2023 10:31:24 GMT; secure; SameSite=None
OAID=8f98aa93febf498b99923907ea9aee97; expires=Sat, 02 Dec 2023 10:31:24 GMT; secure; SameSite=None
oaidts=1669977084; expires=Sat, 02 Dec 2023 10:31:24 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c65cff9ca6c4476ca341b24ef9e0fd13
139.45.197.242200 OK 3.2 kB URL HTTP/2 upgulpinon.com/9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c65cff9ca6c4476ca341b24ef9e0fd13
IP 139.45.197.242:0
Hash e16502596cc2b246d77182a16036b682
b2b39cba4cf6ebcf5beab595e4baf7e7e669bf0f
48f9125ba649968ece710a8bd21eb80fd5d38dca0a386758e48f2268ce88df9b
POST /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c65cff9ca6c4476ca341b24ef9e0fd13 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 52
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=8f98aa93febf498b99923907ea9aee97; oaidts=1669977084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f438a15b2eaf446e8d96c5cd5b141cb9
access-control-expose-headers: X-Sc
set-cookie: OAID=c65cff9ca6c4476ca341b24ef9e0fd13; expires=Sat, 02 Dec 2023 10:31:25 GMT; secure; SameSite=None
oaidts=1669977084; expires=Sat, 02 Dec 2023 10:31:25 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
forfrogadiertor.com/500/5533285?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/5533285?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5533285?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=746182778&z=5324394&b=15912120&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_AAzDEaUC0HUWdYKfA6Yx8elcg4scpfQwgn_8emTv_AvtkTmZDsgmKra0PXY9XZwxxpoEkEvZ7GU6psXfKaWDZ_5rzBvqh28r3qHAhoi13Nan_kk2zvnOGjdKiP5PRNfiauEcUjbu-m_K-I3MU2joTz5lumhPNpQUVDE9WM50dR1RjiMShStdBi0GAkDySWsVLtou3ZTWfELgpPPJldyeA3bVrIGKGIZT_RdqoLYpdNO67hSwmtWVpIAPnnPlDHa22R1ojBr-Y0ks3kBvvsRELJ7U3vu8u5bO_Qeb-z-Z9bsc2NmWr13E3yc5ovby0Hlq0EUToF-zjsBOUxtraxjY5idGtbHeTeBXazxMJlftKuGLw9JDW9_E5ReiBAZvLIaqWVO9InzaqSWQz-YGugRD3Cum4s1-sEvH55wNIdx4fLep7qBHdfrF6tzzbUy-j6nXj7pyEvxno5ql42yzbp36UmnBcjCrtpKzV-sVLQ97lsrUzmbAeHfTnNiaTnSOmpzVWsarA5ZOirVRzmE-J587Pa_ZRDHHMgN7ouBjH247g0HXkQ3eusxiyNj4Sp5Oppr2Az6gCVtbX_cXhnCtlXVH_oOqNOG398uwic3IjQFoDctFmhyi6ZPHLfe7gW62pm8ssi-AMZqQ8jpGGldo0cjig==&ruid=e8b899d3-c067-4082-8442-e8b3d2cd377c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=174
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=746182778&z=5324394&b=15912120&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_AAzDEaUC0HUWdYKfA6Yx8elcg4scpfQwgn_8emTv_AvtkTmZDsgmKra0PXY9XZwxxpoEkEvZ7GU6psXfKaWDZ_5rzBvqh28r3qHAhoi13Nan_kk2zvnOGjdKiP5PRNfiauEcUjbu-m_K-I3MU2joTz5lumhPNpQUVDE9WM50dR1RjiMShStdBi0GAkDySWsVLtou3ZTWfELgpPPJldyeA3bVrIGKGIZT_RdqoLYpdNO67hSwmtWVpIAPnnPlDHa22R1ojBr-Y0ks3kBvvsRELJ7U3vu8u5bO_Qeb-z-Z9bsc2NmWr13E3yc5ovby0Hlq0EUToF-zjsBOUxtraxjY5idGtbHeTeBXazxMJlftKuGLw9JDW9_E5ReiBAZvLIaqWVO9InzaqSWQz-YGugRD3Cum4s1-sEvH55wNIdx4fLep7qBHdfrF6tzzbUy-j6nXj7pyEvxno5ql42yzbp36UmnBcjCrtpKzV-sVLQ97lsrUzmbAeHfTnNiaTnSOmpzVWsarA5ZOirVRzmE-J587Pa_ZRDHHMgN7ouBjH247g0HXkQ3eusxiyNj4Sp5Oppr2Az6gCVtbX_cXhnCtlXVH_oOqNOG398uwic3IjQFoDctFmhyi6ZPHLfe7gW62pm8ssi-AMZqQ8jpGGldo0cjig==&ruid=e8b899d3-c067-4082-8442-e8b3d2cd377c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=174
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=746182778&z=5324394&b=15912120&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=_AAzDEaUC0HUWdYKfA6Yx8elcg4scpfQwgn_8emTv_AvtkTmZDsgmKra0PXY9XZwxxpoEkEvZ7GU6psXfKaWDZ_5rzBvqh28r3qHAhoi13Nan_kk2zvnOGjdKiP5PRNfiauEcUjbu-m_K-I3MU2joTz5lumhPNpQUVDE9WM50dR1RjiMShStdBi0GAkDySWsVLtou3ZTWfELgpPPJldyeA3bVrIGKGIZT_RdqoLYpdNO67hSwmtWVpIAPnnPlDHa22R1ojBr-Y0ks3kBvvsRELJ7U3vu8u5bO_Qeb-z-Z9bsc2NmWr13E3yc5ovby0Hlq0EUToF-zjsBOUxtraxjY5idGtbHeTeBXazxMJlftKuGLw9JDW9_E5ReiBAZvLIaqWVO9InzaqSWQz-YGugRD3Cum4s1-sEvH55wNIdx4fLep7qBHdfrF6tzzbUy-j6nXj7pyEvxno5ql42yzbp36UmnBcjCrtpKzV-sVLQ97lsrUzmbAeHfTnNiaTnSOmpzVWsarA5ZOirVRzmE-J587Pa_ZRDHHMgN7ouBjH247g0HXkQ3eusxiyNj4Sp5Oppr2Az6gCVtbX_cXhnCtlXVH_oOqNOG398uwic3IjQFoDctFmhyi6ZPHLfe7gW62pm8ssi-AMZqQ8jpGGldo0cjig==&ruid=e8b899d3-c067-4082-8442-e8b3d2cd377c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=174 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=c65cff9ca6c4476ca341b24ef9e0fd13; oaidts=1669977084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5d81bb54475f5e2c86d30d765c2b47d8
access-control-expose-headers: X-Sc
set-cookie: OAID=c65cff9ca6c4476ca341b24ef9e0fd13; expires=Sat, 02 Dec 2023 10:31:25 GMT; secure; SameSite=None
oaidts=1669977084; expires=Sat, 02 Dec 2023 10:31:25 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b411ab32a7dfa1bf6aca3fcf51cf70fc
29e86fbbc654609a3f7344e580895b49a67d26cc
78fe5f94cb20f53d0e16f581ce11602e59356be6770d626ec237b343058fba15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78FE5F94CB20F53D0E16F581CE11602E59356BE6770D626EC237B343058FBA15"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7118
Expires: Fri, 02 Dec 2022 12:30:04 GMT
Date: Fri, 02 Dec 2022 10:31:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2493dbbe263359830a920dc8d1cba77f
cd02937f68bf929c4b66d8be5e18e89dac426e15
228a59817ef96a923684372317b6bfb838124c43708ff21c588edd67ce44dae5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3446
Cache-Control: max-age=142376
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:26 GMT
Etag: "63894fb0-118"
Expires: Sun, 04 Dec 2022 02:04:22 GMT
Last-Modified: Fri, 02 Dec 2022 01:06:56 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
oaphoace.net/500/5292343?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 oaphoace.net/500/5292343?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5292343?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:26 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
104.22.33.172200 OK 43 kB URL HTTP/2 offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
IP 104.22.33.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e27e78d3b01907b714b7d939d7eed85d
2d4aa0d84925e5031861258c341788450ba8b43c
37024bac32f0cc3299c2492471b40e6beb2fd7b3cb73b172d68207e87cdfd6e6
GET /www/images/e27e78d3b01907b714b7d939d7eed85d.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 10:31:26 GMT
content-type: image/png
content-length: 43157
last-modified: Sun, 27 Sep 2020 15:59:04 GMT
etag: "5f70b6c8-a895"
expires: Sat, 03 Dec 2022 09:20:18 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 4268
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773364947f6598fc-ARN
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 08:41:08 GMT
expires: Fri, 02 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 6618
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9e729d174caef9d1ac25d36c92865de8
d5171df430985e77a3eaaf88dbfbe5cd12f20b09
8c31e9e74c5a5660a0c62b67ce75be5f6d90b4266f864cf0c00be803d1a7dfaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce4664ff78f43f330fe8110c920f96c8
8d95283944a9217b18b8aeb68c17992b79ab5638
a855f987a1c193780de746a84c4693da05cbc5b3dd9d97d769918441be33ea9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A855F987A1C193780DE746A84C4693DA05CBC5B3DD9D97D769918441BE33EA9B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3347
Expires: Fri, 02 Dec 2022 11:27:13 GMT
Date: Fri, 02 Dec 2022 10:31:26 GMT
Connection: keep-alive
interstitial-07.com/contents/s/cf/e3/c6/357c4eaea3ed3e2e344967417e/0425459167440.jpeg
139.45.197.151200 OK 54 kB URL HTTP/2 interstitial-07.com/contents/s/cf/e3/c6/357c4eaea3ed3e2e344967417e/0425459167440.jpeg
IP 139.45.197.151:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash cfe3c6357c4eaea3ed3e2e344967417e
1d4d9f3ab0e0a6e3d346b3c2540ebbe07ebd6109
d0388861931b832e7f50a4cb01f46a670c370c0516ac8e5692d062c3c07ceba6
GET /contents/s/cf/e3/c6/357c4eaea3ed3e2e344967417e/0425459167440.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=gu5ZOhxRhyZWkJo&cd_meta_crid=50541&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D3588272328%26z%3D5324394%26b%3D15912120%26c%3D6371413%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1302%2526key%253Dd023848fea357bc127d206614e0f1d47%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D_AAzDEaUC0HUWdYKfA6Yx8elcg4scpfQwgn_8emTv_AvtkTmZDsgmKra0PXY9XZwxxpoEkEvZ7GU6psXfKaWDZ_5rzBvqh28r3qHAhoi13Nan_kk2zvnOGjdKiP5PRNfiauEcUjbu-m_K-I3MU2joTz5lumhPNpQUVDE9WM50dR1RjiMShStdBi0GAkDySWsVLtou3ZTWfELgpPPJldyeA3bVrIGKGIZT_RdqoLYpdNO67hSwmtWVpIAPnnPlDHa22R1ojBr-Y0ks3kBvvsRELJ7U3vu8u5bO_Qeb-z-Z9bsc2NmWr13E3yc5ovby0Hlq0EUToF-zjsBOUxtraxjY5idGtbHeTeBXazxMJlftKuGLw9JDW9_E5ReiBAZvLIaqWVO9InzaqSWQz-YGugRD3Cum4s1-sEvH55wNIdx4fLep7qBHdfrF6tzzbUy-j6nXj7pyEvxno5ql42yzbp36UmnBcjCrtpKzV-sVLQ97lsrUzmbAeHfTnNiaTnSOmpzVWsarA5ZOirVRzmE-J587Pa_ZRDHHMgN7ouBjH247g0HXkQ3eusxiyNj4Sp5Oppr2Az6gCVtbX_cXhnCtlXVH_oOqNOG398uwic3IjQFoDctFmhyi6ZPHLfe7gW62pm8ssi-AMZqQ8jpGGldo0cjig%3D%3D%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3De8b899d3-c067-4082-8442-e8b3d2cd377c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fckk.ai%252FlHInJhR%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:26 GMT
content-type: image/jpeg
content-length: 54466
last-modified: Wed, 13 Apr 2022 02:17:27 GMT
vary: Accept-Encoding
etag: "625632b7-d4c2"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=_OalyUtAumQiakMXSujq50_fOFe9hqW3dhQYPcSXRzlSrufbej028oDNDIvpSuWagpMv7PHpDPStkt2g9wjAV8tY3YyI7uEz2N1Gffak79MMOOciqKUieXiIPGsB-jtknthA8KzuqFZcO90Ats7C3W-zNQbPVCZ1FU04VdMyBnkz0k21mpFSm4XyG4TuyVdOrC9VNv7175mhDDleSEGhP_lpZNUSl7k1Ohz77A%3D%3D&request_ab2=96003&zoneid=3491150&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=8f75c5f4-17cc-420a-91dd-22688d713dab&userId=c65cff9ca6c4476ca341b24ef9e0fd13&m=link
139.45.197.243200 OK 5.6 kB URL HTTP/2 onmarshtompor.com/?rb=_OalyUtAumQiakMXSujq50_fOFe9hqW3dhQYPcSXRzlSrufbej028oDNDIvpSuWagpMv7PHpDPStkt2g9wjAV8tY3YyI7uEz2N1Gffak79MMOOciqKUieXiIPGsB-jtknthA8KzuqFZcO90Ats7C3W-zNQbPVCZ1FU04VdMyBnkz0k21mpFSm4XyG4TuyVdOrC9VNv7175mhDDleSEGhP_lpZNUSl7k1Ohz77A%3D%3D&request_ab2=96003&zoneid=3491150&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=8f75c5f4-17cc-420a-91dd-22688d713dab&userId=c65cff9ca6c4476ca341b24ef9e0fd13&m=link
IP 139.45.197.243:0
Hash 747a6c74a1ddda72032d522cf290ae56
16326919ed3c26e34c28e54da5f6aba336aac812
ec3df38b80919a070ae121cd8be76be4b4889c8d9a94205a2d0adb37af969466
GET /?rb=_OalyUtAumQiakMXSujq50_fOFe9hqW3dhQYPcSXRzlSrufbej028oDNDIvpSuWagpMv7PHpDPStkt2g9wjAV8tY3YyI7uEz2N1Gffak79MMOOciqKUieXiIPGsB-jtknthA8KzuqFZcO90Ats7C3W-zNQbPVCZ1FU04VdMyBnkz0k21mpFSm4XyG4TuyVdOrC9VNv7175mhDDleSEGhP_lpZNUSl7k1Ohz77A%3D%3D&request_ab2=96003&zoneid=3491150&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=8f75c5f4-17cc-420a-91dd-22688d713dab&userId=c65cff9ca6c4476ca341b24ef9e0fd13&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/json
x-trace-id: bdab1eff2cecd147cff0c1a34e194d53
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c65cff9ca6c4476ca341b24ef9e0fd13; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
oaidts=1669977085; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 09 Dec 2022 10:31:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1254808820&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FlHInJhR&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=181645290&gjid=1503924131&cid=261976641.1669977085&tid=UA-113561579-8&_gid=1230546356.1669977085&_r=1>m=2oubu0&z=213887816
142.250.74.110200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1254808820&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FlHInJhR&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=181645290&gjid=1503924131&cid=261976641.1669977085&tid=UA-113561579-8&_gid=1230546356.1669977085&_r=1>m=2oubu0&z=213887816
IP 142.250.74.110:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1254808820&t=pageview&_s=1&dl=https%3A%2F%2Fckk.ai%2FlHInJhR&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=181645290&gjid=1503924131&cid=261976641.1669977085&tid=UA-113561579-8&_gid=1230546356.1669977085&_r=1>m=2oubu0&z=213887816 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://ckk.ai
date: Fri, 02 Dec 2022 10:31:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
104.22.33.172200 OK 11 kB URL HTTP/2 offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data
Hash 2fed87d8d9131d075b72354b838c2d77
69624c46c1556c35c67e85724451cce20ad405ec
8adac582983620ad0421a1be7648f58c731feaf3de0bf027ebefe412505b01ed
GET /www/images/2fed87d8d9131d075b72354b838c2d77.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 10:31:26 GMT
content-type: image/jpeg
content-length: 10853
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b2c84c-2a65"
expires: Sat, 03 Dec 2022 08:28:05 GMT
last-modified: Wed, 22 Jun 2022 07:44:12 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 7401
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7733649568dc98fc-ARN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9e729d174caef9d1ac25d36c92865de8
d5171df430985e77a3eaaf88dbfbe5cd12f20b09
8c31e9e74c5a5660a0c62b67ce75be5f6d90b4266f864cf0c00be803d1a7dfaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:31:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/fv.js?t=72747&cb=1473427645
139.45.197.236200 OK 2.6 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1473427645
IP 139.45.197.236:0
Hash 456af11d4e51f6a461a8685afad1ea2c
d72ff847ea89810de7301bff24229a63f14c91be
0082d9f1f79aa04e523a656f177b4a40fda45d84f9cbaba1d7bcd5492db12b50
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1473427645 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:26 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8aa4e61475f328292dcf097a40228cce
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 10:31:26 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8a8245da45c57e4af40225fd7ff5f4e2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 314489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=746182778&z=5324394&b=15912120&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_AAzDEaUC0HUWdYKfA6Yx8elcg4scpfQwgn_8emTv_AvtkTmZDsgmKra0PXY9XZwxxpoEkEvZ7GU6psXfKaWDZ_5rzBvqh28r3qHAhoi13Nan_kk2zvnOGjdKiP5PRNfiauEcUjbu-m_K-I3MU2joTz5lumhPNpQUVDE9WM50dR1RjiMShStdBi0GAkDySWsVLtou3ZTWfELgpPPJldyeA3bVrIGKGIZT_RdqoLYpdNO67hSwmtWVpIAPnnPlDHa22R1ojBr-Y0ks3kBvvsRELJ7U3vu8u5bO_Qeb-z-Z9bsc2NmWr13E3yc5ovby0Hlq0EUToF-zjsBOUxtraxjY5idGtbHeTeBXazxMJlftKuGLw9JDW9_E5ReiBAZvLIaqWVO9InzaqSWQz-YGugRD3Cum4s1-sEvH55wNIdx4fLep7qBHdfrF6tzzbUy-j6nXj7pyEvxno5ql42yzbp36UmnBcjCrtpKzV-sVLQ97lsrUzmbAeHfTnNiaTnSOmpzVWsarA5ZOirVRzmE-J587Pa_ZRDHHMgN7ouBjH247g0HXkQ3eusxiyNj4Sp5Oppr2Az6gCVtbX_cXhnCtlXVH_oOqNOG398uwic3IjQFoDctFmhyi6ZPHLfe7gW62pm8ssi-AMZqQ8jpGGldo0cjig==&ruid=e8b899d3-c067-4082-8442-e8b3d2cd377c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=746182778&z=5324394&b=15912120&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_AAzDEaUC0HUWdYKfA6Yx8elcg4scpfQwgn_8emTv_AvtkTmZDsgmKra0PXY9XZwxxpoEkEvZ7GU6psXfKaWDZ_5rzBvqh28r3qHAhoi13Nan_kk2zvnOGjdKiP5PRNfiauEcUjbu-m_K-I3MU2joTz5lumhPNpQUVDE9WM50dR1RjiMShStdBi0GAkDySWsVLtou3ZTWfELgpPPJldyeA3bVrIGKGIZT_RdqoLYpdNO67hSwmtWVpIAPnnPlDHa22R1ojBr-Y0ks3kBvvsRELJ7U3vu8u5bO_Qeb-z-Z9bsc2NmWr13E3yc5ovby0Hlq0EUToF-zjsBOUxtraxjY5idGtbHeTeBXazxMJlftKuGLw9JDW9_E5ReiBAZvLIaqWVO9InzaqSWQz-YGugRD3Cum4s1-sEvH55wNIdx4fLep7qBHdfrF6tzzbUy-j6nXj7pyEvxno5ql42yzbp36UmnBcjCrtpKzV-sVLQ97lsrUzmbAeHfTnNiaTnSOmpzVWsarA5ZOirVRzmE-J587Pa_ZRDHHMgN7ouBjH247g0HXkQ3eusxiyNj4Sp5Oppr2Az6gCVtbX_cXhnCtlXVH_oOqNOG398uwic3IjQFoDctFmhyi6ZPHLfe7gW62pm8ssi-AMZqQ8jpGGldo0cjig==&ruid=e8b899d3-c067-4082-8442-e8b3d2cd377c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=746182778&z=5324394&b=15912120&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=_AAzDEaUC0HUWdYKfA6Yx8elcg4scpfQwgn_8emTv_AvtkTmZDsgmKra0PXY9XZwxxpoEkEvZ7GU6psXfKaWDZ_5rzBvqh28r3qHAhoi13Nan_kk2zvnOGjdKiP5PRNfiauEcUjbu-m_K-I3MU2joTz5lumhPNpQUVDE9WM50dR1RjiMShStdBi0GAkDySWsVLtou3ZTWfELgpPPJldyeA3bVrIGKGIZT_RdqoLYpdNO67hSwmtWVpIAPnnPlDHa22R1ojBr-Y0ks3kBvvsRELJ7U3vu8u5bO_Qeb-z-Z9bsc2NmWr13E3yc5ovby0Hlq0EUToF-zjsBOUxtraxjY5idGtbHeTeBXazxMJlftKuGLw9JDW9_E5ReiBAZvLIaqWVO9InzaqSWQz-YGugRD3Cum4s1-sEvH55wNIdx4fLep7qBHdfrF6tzzbUy-j6nXj7pyEvxno5ql42yzbp36UmnBcjCrtpKzV-sVLQ97lsrUzmbAeHfTnNiaTnSOmpzVWsarA5ZOirVRzmE-J587Pa_ZRDHHMgN7ouBjH247g0HXkQ3eusxiyNj4Sp5Oppr2Az6gCVtbX_cXhnCtlXVH_oOqNOG398uwic3IjQFoDctFmhyi6ZPHLfe7gW62pm8ssi-AMZqQ8jpGGldo0cjig==&ruid=e8b899d3-c067-4082-8442-e8b3d2cd377c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=c65cff9ca6c4476ca341b24ef9e0fd13; oaidts=1669977084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:26 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e84c5ea296ecdeea2e9888d29c01e1b0
access-control-expose-headers: X-Sc
set-cookie: OAID=c65cff9ca6c4476ca341b24ef9e0fd13; expires=Sat, 02 Dec 2023 10:31:26 GMT; secure; SameSite=None
oaidts=1669977084; expires=Sat, 02 Dec 2023 10:31:26 GMT; secure; SameSite=None
oaidvc=1; expires=Sat, 02 Dec 2023 10:31:26 GMT; secure; SameSite=None
CNT=1_v1_uMzyAAEAAACAS0AA; expires=Fri, 02 Dec 2022 11:31:26 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 10:31:26 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 17a36098c2faa557ce8e0feb5e8491a4
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
oaphoace.net/impression/Umrdc-fwNmKb3o1Io87J7yQmkAo8XwZ9Ln6N95fySpxOe3bHLzZFzfzieOl6rnA22xHHpcnbDzWe1xOkAFpa0g5iSsTVnWL1F4U-plTBriC8QTutXpCG9SHwxRBxDeYZCikeXIiRv3VTsGsfy_NAmA9OXaHvx9Y7BLBKDomB3aNUcZoIBylgnWBjvUURVuqnukBQYc2XArh3rTJzwceHvrh-DoJZruSRlAfiYQuP6Q84X5Q2pjWnEm8EJncb44bdaIN4No-I4tij-457FE6zSz8BlwizKene1-EPXpOSZ5DNh6VHJyU0BmQgnrTRuMkBIXQZU8YYkAJeQzo0b_zvxwKPPYMjQo0c9RhWSlgxFDYASO0Prel1vvN97XRBztpj4gQkIbdE3mTnOmIyiRmcpCj_1D97xjI9V2Lg_2deGsRAejkR84BOuKmtwo0zlBKI6AfljDssFc0-u-oEqOPfKgonStDN8QrSrZFQmz-LsmrHjIkOhFEdvF6cBgG4ebO8KGnduYFHdMDScUmWTV93nuut_XUA3WnqWMx2j0ZsR7X6iiqX0m1i4fJTMJZEeLIcqaYpXR3V8dnKbVzSdKVVdQ==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 oaphoace.net/impression/Umrdc-fwNmKb3o1Io87J7yQmkAo8XwZ9Ln6N95fySpxOe3bHLzZFzfzieOl6rnA22xHHpcnbDzWe1xOkAFpa0g5iSsTVnWL1F4U-plTBriC8QTutXpCG9SHwxRBxDeYZCikeXIiRv3VTsGsfy_NAmA9OXaHvx9Y7BLBKDomB3aNUcZoIBylgnWBjvUURVuqnukBQYc2XArh3rTJzwceHvrh-DoJZruSRlAfiYQuP6Q84X5Q2pjWnEm8EJncb44bdaIN4No-I4tij-457FE6zSz8BlwizKene1-EPXpOSZ5DNh6VHJyU0BmQgnrTRuMkBIXQZU8YYkAJeQzo0b_zvxwKPPYMjQo0c9RhWSlgxFDYASO0Prel1vvN97XRBztpj4gQkIbdE3mTnOmIyiRmcpCj_1D97xjI9V2Lg_2deGsRAejkR84BOuKmtwo0zlBKI6AfljDssFc0-u-oEqOPfKgonStDN8QrSrZFQmz-LsmrHjIkOhFEdvF6cBgG4ebO8KGnduYFHdMDScUmWTV93nuut_XUA3WnqWMx2j0ZsR7X6iiqX0m1i4fJTMJZEeLIcqaYpXR3V8dnKbVzSdKVVdQ==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/Umrdc-fwNmKb3o1Io87J7yQmkAo8XwZ9Ln6N95fySpxOe3bHLzZFzfzieOl6rnA22xHHpcnbDzWe1xOkAFpa0g5iSsTVnWL1F4U-plTBriC8QTutXpCG9SHwxRBxDeYZCikeXIiRv3VTsGsfy_NAmA9OXaHvx9Y7BLBKDomB3aNUcZoIBylgnWBjvUURVuqnukBQYc2XArh3rTJzwceHvrh-DoJZruSRlAfiYQuP6Q84X5Q2pjWnEm8EJncb44bdaIN4No-I4tij-457FE6zSz8BlwizKene1-EPXpOSZ5DNh6VHJyU0BmQgnrTRuMkBIXQZU8YYkAJeQzo0b_zvxwKPPYMjQo0c9RhWSlgxFDYASO0Prel1vvN97XRBztpj4gQkIbdE3mTnOmIyiRmcpCj_1D97xjI9V2Lg_2deGsRAejkR84BOuKmtwo0zlBKI6AfljDssFc0-u-oEqOPfKgonStDN8QrSrZFQmz-LsmrHjIkOhFEdvF6cBgG4ebO8KGnduYFHdMDScUmWTV93nuut_XUA3WnqWMx2j0ZsR7X6iiqX0m1i4fJTMJZEeLIcqaYpXR3V8dnKbVzSdKVVdQ==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=c65cff9ca6c4476ca341b24ef9e0fd13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:30 GMT
content-type: image/gif
content-length: 43
x-trace-id: a335b5e15e0c0299d2132dea7afbcae5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
forfrogadiertor.com/500/5533285?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/5533285?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
GET /500/5533285?excludes=&oaid=c65cff9ca6c4476ca341b24ef9e0fd13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=f2ca0beb8d1c484081035bd20fa2c1bb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:26 GMT
content-type: application/javascript
x-trace-id: 093d346486c3aa9c55a18efbd6c8fae1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c65cff9ca6c4476ca341b24ef9e0fd13; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddoan.club/apu.php?zoneid=5225632
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/apu.php?zoneid=5225632
IP 139.45.197.236:0
GET /apu.php?zoneid=5225632 HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/javascript
x-trace-id: 5704d50747504d49d5553dfe25774081
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=58e5d5a2eafa4a6aa403a8c3cd1a2c6f; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
oaidts=1669977085; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tei.ai/lHInJhR
104.21.12.229301 Moved Permanently 0 B IP 104.21.12.229:0
GET /lHInJhR HTTP/1.1
Host: tei.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 10:31:22 GMT
content-type: text/html; charset=UTF-8
location: https://ckk.ai/lHInJhR
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFIMYcm3ljxKSAHJI1rxdyxWWLqjeOUZ5nO5KuYaBG04xxcBR4r%2By16dr9KlJJv3d8oTrFvqno7ebESgDGe9zoCJqo3Ab3lPaRvuMi4gsIEeOQorwF%2B34nE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7733647d4ec4b4f3-OSL
X-Firefox-Spdy: h2
oaphoace.net/401/5292343
139.45.197.239200 OK 0 B IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5292343 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/javascript
x-trace-id: d4c256e3079292de60233d30925f1491
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=125b9088f68d49a080d6118c6267e81f; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddoan.club/?rb=LCReXc5XA5hrGXXcWGPydN8mj6PzSqjoTOkr38X0XbLHcRzIdmYvHK6AR3cavl58BbmKY5gEPlJwWc4kx99sOu8lSsdisNP4QVOH9X4v6zd1hXnesGN79qq-6F_sr_IN_Iqwo_m66AhP4wxOSBK81aWJe1LiJYJkYHJNC60C7pCAgi5WXu9DRVCvJfeqwN2LIw_SRG6ozDF2riBcvoiqvIdQEV4oYzpTZvpplw%3D%3D&request_ab2=96001&zoneid=5225632&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=f0068e3b-2297-4f01-9ce1-8127089028c8&userId=c65cff9ca6c4476ca341b24ef9e0fd13&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddoan.club/?rb=LCReXc5XA5hrGXXcWGPydN8mj6PzSqjoTOkr38X0XbLHcRzIdmYvHK6AR3cavl58BbmKY5gEPlJwWc4kx99sOu8lSsdisNP4QVOH9X4v6zd1hXnesGN79qq-6F_sr_IN_Iqwo_m66AhP4wxOSBK81aWJe1LiJYJkYHJNC60C7pCAgi5WXu9DRVCvJfeqwN2LIw_SRG6ozDF2riBcvoiqvIdQEV4oYzpTZvpplw%3D%3D&request_ab2=96001&zoneid=5225632&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=f0068e3b-2297-4f01-9ce1-8127089028c8&userId=c65cff9ca6c4476ca341b24ef9e0fd13&m=link
IP 139.45.197.236:0
GET /?rb=LCReXc5XA5hrGXXcWGPydN8mj6PzSqjoTOkr38X0XbLHcRzIdmYvHK6AR3cavl58BbmKY5gEPlJwWc4kx99sOu8lSsdisNP4QVOH9X4v6zd1hXnesGN79qq-6F_sr_IN_Iqwo_m66AhP4wxOSBK81aWJe1LiJYJkYHJNC60C7pCAgi5WXu9DRVCvJfeqwN2LIw_SRG6ozDF2riBcvoiqvIdQEV4oYzpTZvpplw%3D%3D&request_ab2=96001&zoneid=5225632&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fckk.ai%2FlHInJhR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=f0068e3b-2297-4f01-9ce1-8127089028c8&userId=c65cff9ca6c4476ca341b24ef9e0fd13&m=link HTTP/1.1
Host: cdn.itskiddoan.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Cookie: OAID=58e5d5a2eafa4a6aa403a8c3cd1a2c6f; oaidts=1669977085
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/json
x-trace-id: d889997f3ebd3f069a454d9ff0426edd
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c65cff9ca6c4476ca341b24ef9e0fd13; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
oaidts=1669977085; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 09 Dec 2022 10:31:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.457.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/3491150/?oo=1&js_build=iclick-v1.457.0
IP 139.45.197.234:0
GET /5/3491150/?oo=1&js_build=iclick-v1.457.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:31:25 GMT
content-type: application/json
x-trace-id: 6f087d2e9d82ac1277b7d8e2bc4b0f3f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=884acc134e4b42e09d1a5c72e1a96b56; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
oaidts=1669977085; expires=Sat, 02 Dec 2023 10:31:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2