r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3000
Expires: Wed, 26 Oct 2022 03:00:48 GMT
Date: Wed, 26 Oct 2022 02:10:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4345
Cache-Control: max-age=117168
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:48 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:43:36 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5430
Cache-Control: max-age=118253
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:48 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 11:01:41 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16370
Expires: Wed, 26 Oct 2022 06:43:38 GMT
Date: Wed, 26 Oct 2022 02:10:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mKSIj+ANVcMDM6K5XGSQugGgKjb8k3z6KkZo6/w+Zvqab1f80TcRIoADLctGcyZaMP6SnhNu0DA=
x-amz-request-id: EB13EDRBG650VG29
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 02:09:11 GMT
age: 97
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 02:10:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9
142.250.74.10200 OK 535 B URL HTTP/1.1 fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9
IP 142.250.74.10:0
Hash 62df4682a8522aa8606ac4311f526e73
8c1ce50400fde634026e1441c62974b60a517ef6
21fb36ca0e4f6dbe94b636ff9c18e3c573a681c89da885577e01ca9447b2723f
GET /css?family=Montserrat%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 26 Oct 2022 02:10:49 GMT
Date: Wed, 26 Oct 2022 02:10:49 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cef0dba9b87a937ecde01b1b559a2c64
8a793058d49bf6c8e5cd310959c2548294d0d982
83021fdaf93c7f8abb8dd6d659f3c49eada1d18f98b2a2340b0c644f7ab6bd2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5723
Cache-Control: max-age=105947
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:49 GMT
Etag: "63577ba9-116"
Expires: Thu, 27 Oct 2022 07:36:36 GMT
Last-Modified: Tue, 25 Oct 2022 06:01:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cef0dba9b87a937ecde01b1b559a2c64
8a793058d49bf6c8e5cd310959c2548294d0d982
83021fdaf93c7f8abb8dd6d659f3c49eada1d18f98b2a2340b0c644f7ab6bd2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5105
Cache-Control: max-age=105329
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:49 GMT
Etag: "63577ba9-116"
Expires: Thu, 27 Oct 2022 07:26:18 GMT
Last-Modified: Tue, 25 Oct 2022 06:01:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 600
Cache-Control: max-age=108359
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:49 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 08:16:48 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
104.18.11.207200 OK 6.0 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (26548)
Hash b4489cda98c3b8b796721ec11c7d1430
16379920b2586c49efcf1ec3d2f0050fa70ac32a
81eba44d68b0fea1b78d903e1c50c0ce602af69bd0305b3f84aa35ba2afd4682
GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kruewancurtain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 02:10:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 12197001
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75ffa8625aa4b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kruewancurtain.com/echarts-lonjslone.js
104.21.60.114200 OK 5.4 kB URL HTTP/1.1 kruewancurtain.com/echarts-lonjslone.js
IP 104.21.60.114:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (11257), with no line terminators
Hash 97539dae141d05206d3b9602fcac83b1
d82197f6deb43f1fed195c4ecf2e6bc534b51abb
eb571e02ffbea9598f457cc45a1272fe9c644d967970a3bbf1165198204f7dbc
Analyzer Verdict Alert quad9 Sinkholed
GET /echarts-lonjslone.js HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:49 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
X-Powered-By: Nginx
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHPwlLCoPreCeuOqnwM7Zo544YSdp4GI59U4GVHpV2HTBnSdpYJ3%2Fm3wNAHy1JqV%2FMSYzg96UsOeWj8U7ssKqQVlFeAr4ElagwGJLbijLpD6B%2FFNVo6jKxQQxTvR6hxZBW4MvNI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861eb83b4f7-OSL
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/plugins/manga-config-website-plugin/assets/css/styles.css?ver=6.0.2
104.21.60.114200 OK 1.2 kB URL HTTP/1.1 kruewancurtain.com/wp-content/plugins/manga-config-website-plugin/assets/css/styles.css?ver=6.0.2
IP 104.21.60.114:0
File type ASCII text, with CRLF line terminators
Hash c0c87dcdda2f31474c5b4fd3f0c0d2c3
9263d29fd36f3591417d6a7b2dbca64d0903841a
d58cb11d80e5bd1b747bf24ec709f55df35bd629b40102fe20248eaa65d9cae0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/manga-config-website-plugin/assets/css/styles.css?ver=6.0.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56f9b87def8"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFR6ujnqdEQqmSs5IPFFXIjGt%2BWCo%2BxxQd%2Fo8aMRJ8B6GJgwVCo0DJoTWiaGXo2mwCqn%2BBTwqT2PhQk%2FzgwR%2FBQEFgXsMkDoks11sYaNvSHftF4mUR6NrMOA%2BY8sPUYrfiSCP0A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861eb80b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0
104.21.60.114200 OK 2.5 kB URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0
IP 104.21.60.114:0
Hash a423f4c43ba074ccd0b38a54b97ebee7
14aae5ee0a6b7f74916849b3725d1d1805ef11f8
c6089d9635f166447eba08106a69f2f220109788170eba587a7d84e2a1f4c992
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56f9b772e2a"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i%2F6RA38j%2FOUlsIasZYmVJr4T4OHp7QoKMy6Rc15dIezrLkp27%2B%2FkmWkVlgnfV3IFsWSzbfv1j88pRZGs2E6HRfKEc%2F2U1F86nWIAzMDpavMYmpouAy7pX618PDNr2aav7d%2FKoM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861ea7db4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/
104.21.60.114200 OK 39 kB IP 104.21.60.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14136), with CRLF, LF line terminators
Hash e38148c6d7554ecb513e62fd199c0cf5
33e031176cbff0c993f8d69d1248b3916afe849d
e6ef703cb32d2b1e93c72c2d1417dede2a614a8d0b7a645bda374b615264a6ce
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Nginx
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4wFD1L5wtiEfWDsoJKy0jPiSCVvIppTx4jFoYKq7QKmMUGFjjfFWq99vyFmgHGhnCwRiwSq9oGss%2FgQBHFqYRpEY%2BMlOSyWc38OJ%2FLbevdzJuebF%2Bt02Nw2iNGhEvarm87QEAM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ffa85d8d71b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
104.21.60.114200 OK 31 kB URL HTTP/1.1 kruewancurtain.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 104.21.60.114:0
File type ASCII text, with very long lines (65447)
Hash 141fb600108e5cdbb4af358f6aeb240f
b4f991f17b786fdec01fb0ac726d407265ebe64a
3365d55bebe1cd8c3ce765c7df5fb4c823236392ba36c978ea64706682e84695
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:50 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673a5fb896"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BQ2py5g7bNUHea%2FOHAzOzuvPtF3gvIFQClX3qI7pY2WrlEsnVNisPNTcADZhqoos51KPDk%2B793eBRbIKJGivRig4VuexMs8WHP8WbgoTAJ9Xajw7Rh2ERZUrVyXVXKV9by6ozo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861fb650b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48cd6d0a-5e38-4eda-b349-0efb558678c9.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48cd6d0a-5e38-4eda-b349-0efb558678c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d4241ae7c2236e38cb6df2a3ecb5c8d
a19ff057587a29f7193f4b2c9755a4f216cc6c59
59aece251cdd8887c545e84bb5113f41b3a6b6af14f60161398b1bf2a5771484
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48cd6d0a-5e38-4eda-b349-0efb558678c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7042
x-amzn-requestid: dc5f1520-35a5-4432-acc8-9361f504d857
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alLEXH1RIAMFkIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585882-5f381fca2cf0db212fedb38a;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:43:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fMWT07LAcOSq_VD9gNZ41MIj1p9PQVO6iwkAaLQAl2jzHKqxuuqp4g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:50:23 GMT
age: 15628
etag: "a19ff057587a29f7193f4b2c9755a4f216cc6c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cc61ad4b1d66ab4bce27288ee690e12
324e13ad5c99f628d713e55a2994ad4042ece70e
62cd88bc19bc1f0be2a37c3e990897158acd3d55aa3ddd299144d4f9596ba34e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6831
x-amzn-requestid: cc6f38ff-ab33-4b18-8cae-aa6bc061962f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjPH7ToAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857ae-3db2790d0e6c5fab6c4bc81f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tiWbOUwlRzaT2EnCWIgoFaT_ho55s3tgRxalb7yBbI21Pv0BhfLJOg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:52:53 GMT
age: 15478
etag: "324e13ad5c99f628d713e55a2994ad4042ece70e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2792ca2-a8f4-4e81-bcd4-6622a0af2bb5.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2792ca2-a8f4-4e81-bcd4-6622a0af2bb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09cb7bc8ddfe92c1130dbabd27512fc4
b8eec3e24a3960e1a65b8ae69a0e9648275d7af7
cd6b9cc817d8ce64a8a8f51cbee96343fc26b51d9f2dc8f905303c3c28f5b6da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2792ca2-a8f4-4e81-bcd4-6622a0af2bb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6737
x-amzn-requestid: 7cc81b57-158b-4304-95dc-c0373f710537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alL-kFQPoAMFt7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635859f6-5b43711d2040d32f7a7cfcbd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:49:42 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: v7QWR9jPfLG67Woq6TFAFpG2j82t7l2RCYtg_WXBZcgEIR7WuLrwuQ==
via: 1.1 94be61e339880d0097634de6934f7710.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:52:53 GMT
etag: "b8eec3e24a3960e1a65b8ae69a0e9648275d7af7"
content-type: image/jpeg
age: 15478
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494a826ce7609ee5cc8157ea5de5f4f7
3d28f2daeef33f37c91bd26cb527793288635103
09f702f40e29e6b0c27abc5c7bb4605e504453b543c92805ba4045bd3d65c4d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3337
x-amzn-requestid: 5a06b710-2b88-435e-8863-3e0e58742e6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ21FjooAMFp8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585691-2adc1ac2375e087b20ad0e32;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:13 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iVIdtyyk_ph8AiTsWdQgDfWFHVIMh2pw4yrkufwogd3rsZFXwslwkg==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:46:52 GMT
age: 15839
etag: "3d28f2daeef33f37c91bd26cb527793288635103"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b946c4f2f177828cf7b76c5764e97157
c3856686b98e1883133aa1824c496d34512769a0
be818a015fc9c745ea561a0b9c2aca6ba25ade24acd696fa651163d47b195371
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13796
x-amzn-requestid: 90b1e032-78c6-499d-b564-f25c15e20304
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2OG0SoAMFx-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358568e-599d0f526fc6a01f77b67dcf;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qxBQMJAnYNJVLBf5LSOTC7v3hPl9sh-G-OIqrK7d5KpdVITaQCcGMA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:47:18 GMT
age: 15813
etag: "c3856686b98e1883133aa1824c496d34512769a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:34:40 GMT
age: 5771
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kruewancurtain.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.14.2
104.21.60.114200 OK 31 kB URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.14.2
IP 104.21.60.114:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 293e33b981bf394a8db258adf059b7c5
797589110654860c9356a564f75a654c4f7ec087
a3f1f1dd5ab0ff835393d38878907f117c255cd9ad5e9c23f08264224a6b760b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.14.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56f9c122a33"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkR7zgzJN1P9K6MZd2pneqMleVWgwFTHW4H%2F0tx6kwM3c6PemT3vpyus1UqdJvoyuTBCQgpIQjSBE7ArUaccQ3nUow21PH8pr6ffgVEHS56%2BkCvjBVW5%2FzwNeHkHmMhWZ7ZlVic%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861e971b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/uploads/2021/10/logo-topnhacai.png
104.21.60.114200 OK 82 kB URL HTTP/1.1 kruewancurtain.com/wp-content/uploads/2021/10/logo-topnhacai.png
IP 104.21.60.114:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash d89b0140c30f1dc6b38057c1ae52f28b
4c2c9d2b129d9fabd3aa672c222772a3b144f996
33c6cfb8b4934fb178c8b747d581df623348d292341cf4f17a84d2ac2c7efec4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/10/logo-topnhacai.png HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9eb02cbf"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wW%2F%2FiVGF1x8i5OSZEm%2Fo8ryZ66AF6xojQpayCYP90YzJ4A4yeCrEqh2hmLU7Q%2BOAaeE0PBs%2BNW2I6ZFaWqE9Anm29qHedPBic7OihaP68t75LzXHyBJAcK6NazZU0B2%2B3hn9k98%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa8734a970b41-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kruewancurtain.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 20 Oct 2022 16:52:38 GMT
Expires: Fri, 20 Oct 2023 16:52:38 GMT
Cache-Control: public, max-age=31536000
Age: 465497
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
216.58.207.195200 OK 25 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25036, version 1.0\012- data
Hash 9dd150fb7229e143e0f71ba1fe8c8f63
664abfc4941054600213dda51a3d6f0d05b3c312
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kruewancurtain.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25036
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Oct 2022 05:55:06 GMT
Expires: Tue, 24 Oct 2023 05:55:06 GMT
Cache-Control: public, max-age=31536000
Age: 159349
Last-Modified: Mon, 11 Jul 2022 18:59:41 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7764, version 1.0\012- data
Hash 0ce128326f68d416deb04f6dba51c4a2
749cee74b13139cb507069a41752920825bcea64
56544b89de11e26ae80a5212b3387d693b1bfbaf68312e3ccc0f0b7a00382f5d
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kruewancurtain.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7764
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 21 Oct 2022 12:52:15 GMT
Expires: Sat, 21 Oct 2023 12:52:15 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 11 Jul 2022 18:56:32 GMT
Content-Type: font/woff2
Age: 393520
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
216.58.207.195200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21276, version 1.0\012- data
Hash 59c9b83cc112cf7eeb3bf7a5e96b21fe
771790b776b5e1bc3039c337024e400974184208
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kruewancurtain.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21276
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 20 Oct 2022 17:49:37 GMT
Expires: Fri, 20 Oct 2023 17:49:37 GMT
Cache-Control: public, max-age=31536000
Age: 462078
Last-Modified: Mon, 11 Jul 2022 19:01:17 GMT
Content-Type: font/woff2
kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/blankshield/blankshield.min.js?ver=4097
104.21.60.114200 OK 941 B URL HTTP/1.1 kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/blankshield/blankshield.min.js?ver=4097
IP 104.21.60.114:0
File type ASCII text, with very long lines (1666)
Hash 8440a23ab4f645c046b0229443a9328e
82c0aa0f85a1f1b4f7dbdc21fdd550be0cc04698
4b21f0c086f04badb3549774131a76dee5a0dd6a1a3cb44ca8a978d255266f03
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/blankshield/blankshield.min.js?ver=4097 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673ad6f09c"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcHkBt%2B6oS20n9pLW%2BDH%2BGyWqzy5CYqv0YGe1GNxIvM6N4yWlvZ9j51TH8zu%2BKLXXlJSP3IGmI72TqHiPU6t9cLifAVEcpjuyEFqq3WLvOLQ5haZCAo4q6Xtyug4Aw5QbDwBBGY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88568d10b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/block-tabnapping.js?ver=4097
104.21.60.114200 OK 136 B URL HTTP/1.1 kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/block-tabnapping.js?ver=4097
IP 104.21.60.114:0
Hash f30b00232367943dff1496acf71eac2d
81d2a2fccab924734354747cef96c922670ffadf
3d637df7065880afe4b346ff51e6162295e91a39ae251b9c0ac2efbcfee6bf6d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/block-tabnapping.js?ver=4097 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673b423ca2"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmbrDnkO4dWfEFySvpZ2H5Aae3p7k5%2FYgLSl8nKE4mJez1CVnpto4bo8uBcGdzSNRXXHBpQyGtdfiicASjSVu%2FfTgEMmtQZaST%2BxQI7%2BiWJAFmoIYT6KpcXjdVx6cMC6QgimNIo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa8856fe7b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1
104.21.60.114200 OK 1.0 kB URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1
IP 104.21.60.114:0
Hash b41e6b8b14e037115967ce8e9069d021
be4b6a31f3d3e9ba540c3fb2016b7f18e1d396b5
8d0edbf6cf14801fe2124cacd0272c496e433a1a9008d02035920284aee2320c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673bd873e2"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUdxT3qmyS2Djz%2BV1Zmj4%2Frka82Cypn31znRTOQES%2BkluEZiE%2BfDmNacYTqP7L6o5bhDxEo15AjAMDoMwx0m%2BY0PmQfYjD%2B62d7SPmL8bRnqCRzvS59uqIIniRIN7HthTbF%2FB2A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88569e0b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.14.2
104.21.60.114200 OK 5.1 kB URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.14.2
IP 104.21.60.114:0
File type ASCII text, with very long lines (12801)
Hash 0223e76f11026b70ea9a0ccbade32a92
c0f3844f7520efcf0f667733b0ee19a883d106b2
c1cb34252c5f8d716e9565156a996ed1d5216c58da5321219e3c94b9bbe1900e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.14.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673cdebbed"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BeKopy7%2FTgoJajx5UMMTgjtYxrG9goKVX5JDKZ788ditrknxj%2BFfqws8M4zdywzgVhGAIyaQFefHlLbhBA6vQM0E%2F91V8juvC6EyFdi0QzV7xjYectEZAcB%2BPzqBOulCbvSw%2Fk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa885692db4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
104.21.60.114200 OK 704 B URL HTTP/1.1 kruewancurtain.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 104.21.60.114:0
File type ASCII text, with very long lines (1464)
Hash 8a17c6b2e72d8f5e956b6dc951cad954
5ab730e86399c4e5897248b6d45bc31a6cceb81a
54923b4fd0ecc397f9c1b6a40eab70315d82edc4f5cf8dc3343e76977317771a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673f64e677"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjf2Ixt8Djc1MS4GhGnpjMjurpanLdB7cntLVjTr8j6gNI%2FS%2FojSg4xqJ6ZNAeW9rBp5cPUkuk57D8SnBAs2gkteXn2jKj22FCKHOCv569GeTb6PJhUOMKrhKN2vTNxHoN4H0gA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa8890a890b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
104.21.60.114200 OK 2.4 kB URL HTTP/1.1 kruewancurtain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 104.21.60.114:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 6b0c5288bb5f4619cd7d10c077b2858b
f5fa1550d81a04d13d0d7273c32005722b910022
69c224d56ae4f660970896b60da2cabeb296fd95673a8ea23519db8f4f285b24
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673de9c8cd"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmFIl6go0ne8vmCWaA9m3rGgX4XkWKHjf6cNA1FA%2BEM9aGXwcy0%2FHdF6AsoEbCy0dAryvYygsSlw16lybTwJE7eC4VjnDRMd59hvMWONeDQ5LoK9jHdgbx%2BA%2FTTMjP9t2CpDCtc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88569e2b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
104.21.60.114200 OK 7.1 kB URL HTTP/1.1 kruewancurtain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 104.21.60.114:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash eaee4dc80ca00588e937b1d91255d62f
a6c0d7c8e0d3250c07a2c4863611db3db1adea48
28fe5891dbd0e4bb5729dc8ee7c324ae1a1f62d9a1482d90d455a0a4aa6c984a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673f1d5e73"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoDQqzbsbbGY4K9SIusPjKT4mAuq7OEGC0f%2Bw3k9kgHveyLEuI6mh44YadqlXucbS28hQxBFWJeyjofrJcxth8uT50V5lyVcdfhpQcok0dPAn79trO8LP%2B4ioxIan2Vkc9mj9L4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa8856fa8b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.14.2
104.21.60.114200 OK 596 B URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.14.2
IP 104.21.60.114:0
Hash 5fc68c42405590262ab2ac0a7817887f
18e9ea9afa90b625f312cee95a7ddccd3df39bdc
ee04db5a90424e77cd884d37edcc389b0e791aeff359ace182e697982c0fc862
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.14.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56738ebc21b"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQhytFZIOPn4eTrN4FrPRM3zTda0YyKDSjSnsjotWVTNzmWpyK0tGIaJ%2FE1hnYwrl8FB%2BXTEnZ%2BIiWkFBRLQ6%2BIj1Uv%2BwUBOvQBNFCTc986AOf5QUsuQ7AFCdQdJ869jXJFEMCE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88bec31b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.14.2
104.21.60.114200 OK 6.2 kB URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.14.2
IP 104.21.60.114:0
File type Web Open Font Format (Version 2), TrueType, length 6752, version 1.0\012- data
Hash daf0c4d893e9e129358e918fa41cc57d
1718865c91e3a17e4bfffd1313192e3fba47cd65
4dd1efbcfd9d74395589ab61fc374cfdb03b93e26b89d279b29d4d764b941507
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.14.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: text/html;; charset=gb2312
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Wed, 26 Oct 2022 02:10:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfRc6KjEw42CSw1axrH2455X1%2BVZwpeJ2louCVCOA0Y2ZIf5yEJrYDYuhdRUS2Y%2FlvdaaMYfZrJ8fjVGxq%2FwWRIScrAi0gkI4mHG3d2BSm9ilMT%2FonS8J6n52b7p3h%2FWGs0rEv4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88c8c61b4f1-OSL
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome-child/images/bottom-pattern.png
104.21.60.114200 OK 1.0 kB URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome-child/images/bottom-pattern.png
IP 104.21.60.114:0
File type PNG image data, 57 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 67d44df001d31f0e2f60bdf198c361c2
f8524fd787e41d2096f82684a0a3a90b71e0064a
7c2d270422dfd28f50a74a28ab0d11614c639d2b5ec7a8e6b00566fe7197089e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome-child/images/bottom-pattern.png HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9e6fcbf2"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF6gi0SZyoCGdA%2BsmPE8nhemH2ZEP05hn1HVd7mVCt3AqKrz91dncRiGRkvkHsIeFnkHJCBJv%2FDKWyZHshBssQ8AmhUY%2BY1VzW5j3AVA2FlFjpp9qCMFXae2bO31hyfDMFHVPT0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88d5caab4f7-OSL
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome-child/images/medal_orange.png
104.21.60.114200 OK 782 B URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome-child/images/medal_orange.png
IP 104.21.60.114:0
File type PNG image data, 30 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 1afe2a72dd09424358de47acdc3ada29
2c58498481be577f7edd19089e7cf551db7a4920
86940faa5b610270146e26d58a600eb78ed5cae833bbfc2d06aa069d4384e415
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome-child/images/medal_orange.png HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9e1530b6"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LVgts%2BAOns6fzD0rfitqpbiukEUhdQru8ARMYFMnuDy8fEVOs0MesjSjjAHNq%2FXzMbggBI%2FOG9MNXrv3eOKohk6u6naLNxY0mlQkqS11bf1vhZ5lH2Ad0IX%2F1wQvqvXWLNt7hs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88e8c1eb4fd-OSL
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome-child/images/medal_blue.png
104.21.60.114200 OK 858 B URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome-child/images/medal_blue.png
IP 104.21.60.114:0
File type PNG image data, 30 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash c442adff28dd5ed700cb657a0fb383d5
8b57eabe045b49abe54bc7306780735ccd4af83f
f58400dc9b62c450ae42e129ee1b6ce1d131ff660bcb16fbdc5ed9f5b76334e4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome-child/images/medal_blue.png HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:57 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9e807cbc"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaY3%2Fd1y3EEF6jh%2BnnWY%2F1pbaVt9Essno7kk3TxR59n38w9vSfxRJracQuLkT%2F7A7%2BMsUiiGM6bGOkwAxRFagtoemHw6aJY0na8MGkcrZrFjyZ1q8MpjpVXJHfRbmaZIEpfpADs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88f8d5ab4f7-OSL
alt-svc: h2=":443"; ma=60
www.w3counter.com/tracker.js?id=146887
104.26.7.93200 OK 0 B URL HTTP/2 www.w3counter.com/tracker.js?id=146887
IP 104.26.7.93:0
GET /tracker.js?id=146887 HTTP/1.1
Host: www.w3counter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kruewancurtain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 02:10:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.3.15
cache-control: no-cache
set-cookie: SERVERID=s4; path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pkJhU1htXOBBvA98%2FdH0BXdHQAjAfVUvrXA7ExFhzuf16yh55ftS0bVf5dGiGfzpONKokMO0OyFZU%2Bm1eH9HSp8LjtyRRjWF9mjDeNsPbZH8V4TlfYa1JHUEvby1FI%2BPwgt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ffa8859b43b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
kruewancurtain.com/wp-content/uploads/2021/10/nen-nha-cai.jpg
104.21.60.114200 OK 0 B URL HTTP/1.1 kruewancurtain.com/wp-content/uploads/2021/10/nen-nha-cai.jpg
IP 104.21.60.114:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/10/nen-nha-cai.jpg HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:57 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9ec5a259"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DEb64c9a51HzMC4RPBmQPUNOoY7PNDEBsK4MTk1S2gLKotOkdKmV7mrD5TCTjbCzkIY2q1EnKL2AVnPSZUNku6iAv9%2B4o6oTmYij1C2juUuCi2JjzkMUyRgkq04ZNbJaRzRRfM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88ccbe30b41-OSL
alt-svc: h2=":443"; ma=60
kruewancurtain.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=942e5d46e3c174a7d6798
104.21.60.114200 OK 0 B URL HTTP/1.1 kruewancurtain.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=942e5d46e3c174a7d6798
IP 104.21.60.114:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=942e5d46e3c174a7d6798 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:57 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56741278c2a"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0O8BGCC9eggKo%2BtnzgLknhOokVxMMXwiL2FRxc5mhWJ1Db3%2Bd1pMPOT69SPkn3nrjXLb%2BbBDrnf%2FQc2XU4qH4a4bXnMtBpX%2BXFhhrak%2BPk7VuFqvD4xCd6xZw%2F%2Bo9JnN7UMm4vU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa889199bb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60